X-Git-Url: http://www.privoxy.org/gitweb/?a=blobdiff_plain;f=jcc.c;h=5223c5e9f2ffa232ecb8a70fcee39ee778317227;hb=6de90d2aebacdb36101b8c2c8aec082842a6883c;hp=795361359c594af8d3d96102a310d5269ff3de7e;hpb=8ee7f337d9dda6875f15cab70475febd9ae9488a;p=privoxy.git

diff --git a/jcc.c b/jcc.c
index 79536135..5223c5e9 100644
--- a/jcc.c
+++ b/jcc.c
@@ -1,4 +1,4 @@
-const char jcc_rcs[] = "$Id: jcc.c,v 1.432 2014/12/19 12:28:10 fabiankeil Exp $";
+const char jcc_rcs[] = "$Id: jcc.c,v 1.435 2015/01/24 16:42:57 fabiankeil Exp $";
 /*********************************************************************
  *
  * File        :  $Source: /cvsroot/ijbswa/current/jcc.c,v $
@@ -1388,12 +1388,15 @@ static enum chunk_status chunked_body_is_complete(struct iob *iob, size_t *lengt
       {
          return CHUNK_STATUS_PARSE_ERROR;
       }
-      /*
-       * Skip "\r\n", the chunk data and another "\r\n".
-       * Moving p to either the beginning of the next chunk-size
-       * or one byte beyond the end of the chunked data.
-       */
-      p += 2 + chunksize + 2;
+      /* Move beyond the chunkdata. */
+      p += 2 + chunksize;
+
+      /* There should be another "\r\n" to skip */
+      if (memcmp(p, "\r\n", 2))
+      {
+         return CHUNK_STATUS_PARSE_ERROR;
+      }
+      p += 2;
    } while (chunksize > 0U);
 
    *length = (size_t)(p - iob->cur);
@@ -1953,6 +1956,21 @@ static void chat(struct client_state *csp)
             send_crunch_response(csp, rsp);
          }
 
+         /*
+          * Temporary workaround to prevent already-read client
+          * bodies from being parsed as new requests. For now we
+          * err on the safe side and throw all the following
+          * requests under the bus, even if no client body has been
+          * buffered. A compliant client will repeat the dropped
+          * requests on an untainted connection.
+          *
+          * The proper fix is to discard the no longer needed
+          * client body in the buffer (if there is one) and to
+          * continue parsing the bytes that follow.
+          */
+         drain_and_close_socket(csp->cfd);
+         csp->cfd = JB_INVALID_SOCKET;
+
          return;
       }
 #ifdef FEATURE_CONNECTION_KEEP_ALIVE
@@ -3916,7 +3934,9 @@ static void listen_loop(void)
       }
       csp = &csp_list->csp;
 
-      log_error(LOG_LEVEL_CONNECT, "Listening for new connections ... ");
+      log_error(LOG_LEVEL_CONNECT,
+         "Waiting for the next client connection. Currently active threads: %d",
+         active_threads);
 
       if (!accept_connection(csp, bfds))
       {
@@ -4170,7 +4190,8 @@ static void listen_loop(void)
              * XXX: If you assume ...
              */
             log_error(LOG_LEVEL_ERROR,
-               "Unable to take any additional connections: %E");
+               "Unable to take any additional connections: %E. Active threads: %d",
+               active_threads);
             write_socket(csp->cfd, TOO_MANY_CONNECTIONS_RESPONSE,
                strlen(TOO_MANY_CONNECTIONS_RESPONSE));
             close_socket(csp->cfd);