f90da3be1a
CentOS repo upgraded lighttpd srpm recently. To avoid srpm package missing, we need upgrade lighttpd to the 1.4.51 also. Pass build and basic deploy test. Story: 2004282 Task: 27832 Change-Id: I85c35be13abff454f955c19548d2dbea33dd8cac Signed-off-by: slin14 <shuicheng.lin@intel.com>
83 lines
2.2 KiB
Diff
83 lines
2.2 KiB
Diff
From 65107586a55c594c44b0a97a2d6756f6a0f0a5ca Mon Sep 17 00:00:00 2001
|
|
From: Giao Le <giao.le@windriver.com>
|
|
Date: Mon, 27 Aug 2018 19:41:36 +0800
|
|
Subject: [PATCH] check-length
|
|
|
|
Signed-off-by: zhipengl <zhipengs.liu@intel.com>
|
|
---
|
|
src/request.c | 47 ++++++++++++++++++++++++++++++++++++++++++++++-
|
|
1 file changed, 46 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/src/request.c b/src/request.c
|
|
index 213a87e..8c97f45 100644
|
|
--- a/src/request.c
|
|
+++ b/src/request.c
|
|
@@ -9,11 +9,40 @@
|
|
#include "sock_addr.h"
|
|
|
|
#include <sys/stat.h>
|
|
-
|
|
+#include <sys/statvfs.h>
|
|
#include <limits.h>
|
|
#include <stdlib.h>
|
|
#include <string.h>
|
|
#include <sys-strings.h>
|
|
+#include <errno.h>
|
|
+
|
|
+static size_t get_tempdirs_free_space(server *srv)
|
|
+{
|
|
+ int i;
|
|
+ int valid = 0;
|
|
+ size_t total = 0;
|
|
+ array *dirs = srv->srvconf.upload_tempdirs;
|
|
+
|
|
+ for (i = 0; i < (int)dirs->used; ++i) {
|
|
+ struct statvfs stat;
|
|
+ const char *name = ((data_string *)dirs->data[i])->value->ptr;
|
|
+ int ret = statvfs(name, &stat);
|
|
+
|
|
+ if (ret >= 0) {
|
|
+ size_t df = (size_t)(stat.f_bsize * stat.f_bfree);
|
|
+ total += df;
|
|
+ valid = 1;
|
|
+ }
|
|
+ else {
|
|
+ log_error_write(srv, __FILE__, __LINE__, "ssss",
|
|
+ "dir:", name,
|
|
+ "error:", strerror(errno));
|
|
+ }
|
|
+ }
|
|
+
|
|
+ return (valid) ? total : SSIZE_MAX;
|
|
+}
|
|
+
|
|
|
|
static int request_check_hostname(buffer *host) {
|
|
enum { DOMAINLABEL, TOPLABEL } stage = TOPLABEL;
|
|
@@ -1149,6 +1178,22 @@ int http_request_parse(server *srv, connection *con) {
|
|
con->http_status = 411;
|
|
goto failure;
|
|
}
|
|
+ /* content-length is larger than 64k */
|
|
+ if (con->request.content_length > 64*1024) {
|
|
+ size_t disk_free = get_tempdirs_free_space(srv);
|
|
+ if (con->request.content_length > disk_free) {
|
|
+ con->http_status = 413;
|
|
+ con->keep_alive = 0;
|
|
+
|
|
+ log_error_write(srv, __FILE__, __LINE__, "ssosos",
|
|
+ "not enough free space in tempdirs:",
|
|
+ "length =", (off_t) con->request.content_length,
|
|
+ "free =", (off_t) disk_free,
|
|
+ "-> 413");
|
|
+ return 0;
|
|
+ }
|
|
+ }
|
|
+
|
|
break;
|
|
default:
|
|
break;
|
|
--
|
|
2.7.4
|
|
|