Reject HTTP requests with an invalid (e.g. negative) Content-Length header value.

Make sure to allocate enough memory in buffers for the operations they are used for, and to check/enforce buffer sizes when performing those memory operations.
Properly allocate and free memory.
Make a best effort at allocating memory for the network hardware address (remove code for Apple platforms).
Try to consume all of the remaining content if a valid Content-Length header was provided.
Check for success when attempting to acquire mutexes.
Wesley Miaw
2019-10-07 14:38:16 -07:00
parent 8c13345a4d
commit 93756a84ea
10 changed files with 555 additions and 300 deletions

@@ -20,8 +20,8 @@ DIALStatus system_start(DIALServer *ds, const char *appname, const char *payload
if (strlen(spSleepPassword) != 0) {
/* Look for key */
char *key_value;
if ( (key_value = strchr(query_string, '&')) == '\0' ) {
char *key_value = strchr(query_string, '&');
if ( key_value == NULL || *key_value == '\0' ) {
return kDIALStatusErrorForbidden; // No key specified.
}
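
Review bot: In the new condition `key_value == NULL || *key_value == '\0'`, the second test can never be true. `strchr(query_string, '&')` returns either NULL or a pointer to the '&' itself, so `*key_value` is always '&' when `key_value` is non-NULL. If the intent is to reject a query that has an '&' with nothing after it, test `key_value[1] == '\0'` (or advance past the '&' before checking); otherwise drop the dead test. The visible lines also do not show `query_string` being checked for NULL before it is passed to `strchr`, so confirm that happens above this hunk or in the caller.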