nodejs/http-parser
1
0
Fork 0
mirror of https://github.com/nodejs/http-parser.git synced 2025-10-20 05:15:13 +08:00
Code Issues Packages Projects Releases Wiki Activity

Do not accept PUN/GEM methods as PUT/GET.

Browse Source 
* Encountering them returns an error, `HPE_INVALID_METHOD`
* Tests have been added.
This commit is contained in:
Chris Dickinson
2013-08-19 22:16:25 -07:00
committed by Ben Noordhuis
parent ad3b631d4f
commit ddfa1b3ee3
2 changed files with 21 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
http_parser.c
View File

@@ -954,6 +954,7 @@ size_t http_parser_execute (http_parser *parser,
if (parser->index == 1 && ch == 'E') {
parser->method = HTTP_SEARCH;
} else {
SET_ERRNO(HPE_INVALID_METHOD);
goto error;
}
} else if (parser->index == 1 && parser->method == HTTP_POST) {
@@ -964,13 +965,27 @@ size_t http_parser_execute (http_parser *parser,
} else if (ch == 'A') {
parser->method = HTTP_PATCH;
} else {
SET_ERRNO(HPE_INVALID_METHOD);
goto error;
}
} else if (parser->index == 2) {
if (parser->method == HTTP_PUT) {
if (ch == 'R') parser->method = HTTP_PURGE;
if (ch == 'R') {
parser->method = HTTP_PURGE;
} else {
SET_ERRNO(HPE_INVALID_METHOD);
goto error;
}
} else if (parser->method == HTTP_UNLOCK) {
if (ch == 'S') parser->method = HTTP_UNSUBSCRIBE;
if (ch == 'S') {
parser->method = HTTP_UNSUBSCRIBE;
} else {
SET_ERRNO(HPE_INVALID_METHOD);
goto error;
}
} else {
SET_ERRNO(HPE_INVALID_METHOD);
goto error;
}
} else if (parser->index == 4 && parser->method == HTTP_PROPFIND && ch == 'P') {
parser->method = HTTP_PROPPATCH;

5
test.c
View File

@@ -3119,7 +3119,10 @@ main (void)
test_simple("hello world", HPE_INVALID_METHOD);
test_simple("GET / HTP/1.1\r\n\r\n", HPE_INVALID_VERSION);
test_simple("GEM / HTTP/1.1\r\n\r\n", HPE_INVALID_METHOD);
test_simple("PUN / HTTP/1.1\r\n\r\n", HPE_INVALID_METHOD);
test_simple("PX / HTTP/1.1\r\n\r\n", HPE_INVALID_METHOD);
test_simple("SA / HTTP/1.1\r\n\r\n", HPE_INVALID_METHOD);
test_simple("ASDF / HTTP/1.1\r\n\r\n", HPE_INVALID_METHOD);
test_simple("PROPPATCHA / HTTP/1.1\r\n\r\n", HPE_INVALID_METHOD);