diff --git a/src/connections.c b/src/connections.c index 81ca5c91..c6cb84ce 100644 --- a/src/connections.c +++ b/src/connections.c @@ -700,13 +700,7 @@ static int connection_reset(server *srv, connection *con) { } __attribute_noinline__ -static void connection_discard_blank_line(connection *con, const buffer *hdrs, unsigned short *hoff) { - const char * const s = hdrs->ptr + hoff[1]; - #ifdef __COVERITY__ - if (buffer_string_length(hdrs) - hoff[1] < 2) { - return; - } - #endif +static void connection_discard_blank_line(connection *con, const char * const s, unsigned short *hoff) { if ((s[0] == '\r' && s[1] == '\n') || (s[0] == '\n' && !(con->conf.http_parseopts & HTTP_PARSEOPT_HEADER_STRICT))) { @@ -823,7 +817,13 @@ static int connection_handle_read_state(server * const srv, connection * const c if (NULL == c) return 0; /* incomplete request headers */ - buffer * const hdrs = c->mem; + #ifdef __COVERITY__ + if (buffer_string_length(c->mem) < hoff[1]) { + return 1; + } + #endif + + char * const hdrs = c->mem->ptr + hoff[1]; if (con->request_count > 1) { /* skip past \r\n or \n after previous POST request when keep-alive */ @@ -841,7 +841,7 @@ static int connection_handle_read_state(server * const srv, connection * const c if (con->conf.log_request_header) { log_error(con->errh, __FILE__, __LINE__, "fd: %d request-len: %zu\n%.*s", con->fd, con->header_len, - (int)con->header_len, hdrs->ptr + hoff[1]); + (int)con->header_len, hdrs); } con->http_status = http_request_parse(con, hdrs, hoff); @@ -853,7 +853,7 @@ static int connection_handle_read_state(server * const srv, connection * const c /*(http_request_parse() modifies hdrs only to * undo line-wrapping in-place using spaces)*/ log_error(con->errh, __FILE__, __LINE__, "request-header:\n%.*s", - (int)con->header_len, hdrs->ptr + hoff[1]); + (int)con->header_len, hdrs); } } diff --git a/src/request.c b/src/request.c index ac17b8b2..862f8c6d 100644 --- a/src/request.c +++ b/src/request.c @@ -794,20 +794,19 @@ static int http_request_parse_headers(connection *con, char * const ptr, const u return 0; } -int http_request_parse(connection * const con, buffer * const hdrs, const unsigned short * const hoff) { +int http_request_parse(connection * const con, char * const hdrs, const unsigned short * const hoff) { /* * Request: "^(GET|POST|HEAD|...) ([^ ]+(\\?[^ ]+|)) (HTTP/1\\.[01])$" * Header : "^([-a-zA-Z]+): (.+)$" * End : "^$" */ - char * const ptr = hdrs->ptr+hoff[1]; int status; - status = http_request_parse_reqline(con, ptr, hoff); + status = http_request_parse_reqline(con, hdrs, hoff); if (0 != status) return status; - status = http_request_parse_headers(con, ptr, hoff); + status = http_request_parse_headers(con, hdrs, hoff); if (0 != status) return status; /* post-processing */ diff --git a/src/request.h b/src/request.h index c600a5a5..84503d9e 100644 --- a/src/request.h +++ b/src/request.h @@ -5,7 +5,7 @@ #include "base_decls.h" #include "buffer.h" -int http_request_parse(connection *con, buffer *hdrs, const unsigned short *hloffsets); +int http_request_parse(connection *con, char *hdrs, const unsigned short *hloffsets); int http_request_host_normalize(buffer *b, int scheme_port); int http_request_host_policy(connection *con, buffer *b, const buffer *scheme); diff --git a/src/t/test_request.c b/src/t/test_request.c index 23915e44..25795531 100644 --- a/src/t/test_request.c +++ b/src/t/test_request.c @@ -40,7 +40,7 @@ static void run_http_request_parse(connection *con, int line, int status, const hloffsets[hloffsets[0]] = n - req + 1; } --hloffsets[0]; /*(ignore final blank line "\r\n" ending headers)*/ - int http_status = http_request_parse(con, hdrs, hloffsets); + int http_status = http_request_parse(con, hdrs->ptr, hloffsets); if (http_status != status) { fprintf(stderr, "%s.%d: %s() failed: expected '%d', got '%d' for test %s\n",