From: Fabian Keil <fk@fabiankeil.de>
Date: Wed, 26 Feb 2020 07:50:27 +0000 (+0100)
Subject: If the amount of encrypted POST data left is known, don't read more than this
X-Git-Tag: v_3_0_29~461
X-Git-Url: http://www.privoxy.org/gitweb/%22https:/@default-cgi@error-favicon.ico?a=commitdiff_plain;h=6e113cb8b12eb1485dd8b434ae93cbaacba0b7eb;p=privoxy.git

If the amount of encrypted POST data left is known, don't read more than this

Sponsored by: Robert Klemme
---

diff --git a/jcc.c b/jcc.c
index a3f92ecb..2870100e 100644
--- a/jcc.c
+++ b/jcc.c
@@ -2028,12 +2028,23 @@ static int send_http_request(struct client_state *csp)
  *********************************************************************/
 static jb_err receive_and_send_encrypted_post_data(struct client_state *csp)
 {
-   unsigned char buf[BUFFER_SIZE];
-   int len;
+   int content_length_known = csp->expected_client_content_length != 0;
 
    while (is_ssl_pending(&(csp->mbedtls_client_attr.ssl)))
    {
-      len = ssl_recv_data(&(csp->mbedtls_client_attr.ssl), buf, sizeof(buf));
+      unsigned char buf[BUFFER_SIZE];
+      int len;
+      int max_bytes_to_read = sizeof(buf);
+
+      if (content_length_known && csp->expected_client_content_length < sizeof(buf))
+      {
+         max_bytes_to_read = (int)csp->expected_client_content_length;
+      }
+      log_error(LOG_LEVEL_CONNECT,
+         "Waiting for up to %d bytes of POST data from the client.",
+         max_bytes_to_read);
+      len = ssl_recv_data(&(csp->mbedtls_client_attr.ssl), buf,
+         (unsigned)max_bytes_to_read);
       if (len == -1)
       {
          return 1;
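Review bot: The loop condition `while (is_ssl_pending(&(csp->mbedtls_client_attr.ssl)))` still stops on what the TLS layer reports as pending, so the new `max_bytes_to_read` clamp bounds an over-read but does not help when fewer bytes than `expected_client_content_length` have arrived so far. In that case the loop appears to exit with part of the declared body never forwarded to the server. Consider also looping while a known length is outstanding: `while (is_ssl_pending(&(csp->mbedtls_client_attr.ssl)) || (content_length_known && csp->expected_client_content_length != 0))`. Because that length comes from the client and may never be satisfied, this is only safe if `ssl_recv_data()` returns -1 or 0 on timeout or close, which is not visible here and should be confirmed. The body of receive_and_send_encrypted_post_data continues outside this hunk.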
@@ -2056,6 +2067,11 @@ static jb_err receive_and_send_encrypted_post_data(struct client_state *csp)
          {
             csp->expected_client_content_length -= (unsigned)len;
          }
+         if (csp->expected_client_content_length == 0)
+         {
+            log_error(LOG_LEVEL_HEADER, "Forwarded the last %d bytes", len);
+            break;
+         }
       }
    }