From: Fabian Keil
Date: Wed, 26 Feb 2020 07:50:27 +0000 (+0100)
Subject: If the amount of encrypted POST data left is known, don't read more than this
X-Git-Tag: v_3_0_29~461
X-Git-Url: http://www.privoxy.org/gitweb/%22https:/developer-manual/faq/user-manual/static/@user-manual@@actions-help-prefix@LIMIT-CONNECT?a=commitdiff_plain;h=6e113cb8b12eb1485dd8b434ae93cbaacba0b7eb;p=privoxy.git
If the amount of encrypted POST data left is known, don't read more than this
Sponsored by: Robert Klemme
---
diff --git a/jcc.c b/jcc.c
index a3f92ecb..2870100e 100644
--- a/jcc.c
+++ b/jcc.c
@@ -2028,12 +2028,23 @@ static int send_http_request(struct client_state *csp)
 *********************************************************************/
 static jb_err receive_and_send_encrypted_post_data(struct client_state *csp)
 {
- unsigned char buf[BUFFER_SIZE];
- int len;
+ int content_length_known = csp->expected_client_content_length != 0;
 while (is_ssl_pending(&(csp->mbedtls_client_attr.ssl)))
 {
- len = ssl_recv_data(&(csp->mbedtls_client_attr.ssl), buf, sizeof(buf));
+ unsigned char buf[BUFFER_SIZE];
+ int len;
+ int max_bytes_to_read = sizeof(buf);
+
+ if (content_length_known && csp->expected_client_content_length < sizeof(buf))
+ {
+ max_bytes_to_read = (int)csp->expected_client_content_length;
+ }
+ log_error(LOG_LEVEL_CONNECT,
+ "Waiting for up to %d bytes of POST data from the client.",
+ max_bytes_to_read);
+ len = ssl_recv_data(&(csp->mbedtls_client_attr.ssl), buf,
+ (unsigned)max_bytes_to_read);
 if (len == -1)
 {
 return 1;
@@ -2056,6 +2067,11 @@ static jb_err receive_and_send_encrypted_post_data(struct client_state *csp)
 {
 csp->expected_client_content_length -= (unsigned)len;
 }
+ if (csp->expected_client_content_length == 0)
+ {
+ log_error(LOG_LEVEL_HEADER, "Forwarded the last %d bytes", len);
+ break;
+ }
 }
 }
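Review bot: `content_length_known` treats a zero `csp->expected_client_content_length` as "length unknown", so for a request without a usable length the read in the first hunk is still capped only by `sizeof(buf)` and the loop can pick up bytes that follow the body. That limit of the change is worth stating where the flag is set, e.g. `/* 0 means the remaining length is unknown; the read limit below then does not apply. */`. Separately, `max_bytes_to_read` is initialised from a `size_t`, assigned through an `(int)` cast and passed on through an `(unsigned)` cast; the narrowing is safe only because of the preceding `< sizeof(buf)` comparison, and an unsigned variable would make both casts unnecessary if log_error() offers a matching conversion. The function body continues outside the hunk.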
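Review bot: The new `== 0` test in the second hunk cannot tell "all announced bytes forwarded" from "length never known", because zero is also the starting value when `content_length_known` is false. Whether that case can reach this line depends on the enclosing block, which opens outside the hunk; writing `if (content_length_known && csp->expected_client_content_length == 0)` would make the early `break` independent of it. The message is also logged at `LOG_LEVEL_HEADER`, while the matching "Waiting for up to" message in the first hunk uses `LOG_LEVEL_CONNECT`, so the two halves of one transfer appear under different debug settings; `LOG_LEVEL_CONNECT` looks like the intended level.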