diff options
author | Mattias Andrée <maandree@operamail.com> | 2014-09-20 12:49:24 +0200 |
---|---|---|
committer | Mattias Andrée <maandree@operamail.com> | 2014-09-20 12:49:24 +0200 |
commit | 2779c381ec0d8f6fdac084f439e4977f722284d9 (patch) | |
tree | 900ce3ca0013be47af0450699fccb45bd61c2458 | |
parent | add verify_utf8 (diff) | |
download | mds-2779c381ec0d8f6fdac084f439e4977f722284d9.tar.gz mds-2779c381ec0d8f6fdac084f439e4977f722284d9.tar.bz2 mds-2779c381ec0d8f6fdac084f439e4977f722284d9.tar.xz |
verify that headers in messages are encoded with proper utf-8
Signed-off-by: Mattias Andrée <maandree@operamail.com>
-rw-r--r-- | src/libmdsserver/mds-message.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/src/libmdsserver/mds-message.c b/src/libmdsserver/mds-message.c index a5b9b95..d616355 100644 --- a/src/libmdsserver/mds-message.c +++ b/src/libmdsserver/mds-message.c @@ -18,6 +18,7 @@ #include "mds-message.h" #include "macros.h" +#include "util.h" #include <stdlib.h> #include <string.h> @@ -179,7 +180,7 @@ static int get_payload_length(mds_message_t* restrict this) /** - * Verify that a header is correctly formated + * Verify that a header is correctly formatted * * @param header The header, must be NUL-terminated * @param length The length of the header @@ -189,6 +190,11 @@ static int __attribute__((pure)) validate_header(const char* header, size_t leng { char* p = memchr(header, ':', length * sizeof(char)); + if (verify_utf8(header, 0) < 0) + /* Either the string is not UTF-8, or your are under an UTF-8 attack, + lets just call this unrecoverable because the client will not correct. */ + return -2; + if ((p == NULL) || /* Buck you, rawmemchr should not segfault the program. */ (p[1] != ' ')) /* Also an invalid format. ' ' is mandated after the ':'. */ return -2; |