close connection if content-length != number of bytes written

Tue, 01 Nov 2022 20:46:15 +0100

author
Olaf Wintermann <olaf.wintermann@gmail.com>
date
Tue, 01 Nov 2022 20:46:15 +0100
changeset 407
78af44222463
parent 406
e5d96f6b9306
child 408
56edda8701e0

close connection if content-length != number of bytes written

src/server/daemon/httprequest.c file | annotate | diff | comparison | revisions
src/server/util/io.c file | annotate | diff | comparison | revisions
src/server/util/io.h file | annotate | diff | comparison | revisions
--- a/src/server/daemon/httprequest.c	Tue Nov 01 20:39:41 2022 +0100
+++ b/src/server/daemon/httprequest.c	Tue Nov 01 20:46:15 2022 +0100
@@ -614,6 +614,16 @@
         rq->rq.rq_attr.keep_alive = 0;
     }
     
+    char *response_content_length = pblock_findkeyval(pb_key_content_length, rq->rq.srvhdrs);
+    int64_t response_ctlen;
+    if(response_content_length && util_strtoint(response_content_length, &response_ctlen)) {
+        int64_t w = httpstream_written(sn->sn.csd);
+        if(w != response_ctlen) {
+            log_ereport(LOG_WARN, "nsapi_finish_request: content-length != number of bytes written");
+            rq->rq.rq_attr.keep_alive = 0; // fatal io error, we can not safely reuse the connection
+        }
+    }
+    
     if(rq->rq.rq_attr.keep_alive) {
         SessionHandler *sh = sn->connection->session_handler;
         sh->keep_alive(sh, sn->connection);
--- a/src/server/util/io.c	Tue Nov 01 20:39:41 2022 +0100
+++ b/src/server/util/io.c	Tue Nov 01 20:46:15 2022 +0100
@@ -307,6 +307,11 @@
     return http->read_eof;
 }
 
+int64_t httpstream_written(IOStream *st) {
+    HttpStream *http = (HttpStream*)st;
+    return http->written;
+}
+
 ssize_t net_http_write(HttpStream *st, void *buf, size_t nbytes) {
     if(st->write_eof) return 0;
     IOStream *fd = st->fd;
--- a/src/server/util/io.h	Tue Nov 01 20:39:41 2022 +0100
+++ b/src/server/util/io.h	Tue Nov 01 20:46:15 2022 +0100
@@ -171,6 +171,7 @@
 int httpstream_enable_chunked_write(IOStream *st);
 int httpstream_set_max_read(IOStream *st, int64_t maxread);
 WSBool httpstream_eof(IOStream *st);
+int64_t httpstream_written(IOStream *st);
 
 ssize_t net_http_write(HttpStream *st, void *buf, size_t nbytes);
 ssize_t net_http_writev(HttpStream *st, struct iovec *iovec, int iovcnt);

mercurial