From a32e6d4b4bef5a2dd1dd7e576cf5e830eee28760 Mon Sep 17 00:00:00 2001
From: Fabian Keil <fk@fabiankeil.de>
Date: Tue, 6 May 2008 15:09:00 +0000
Subject: [PATCH] Least-effort fix for bug #1821930 (reported by Lee): If the
 response doesn't look like HTTP, tell the client and log the problem.

---
 jcc.c | 37 ++++++++++++++++++++++++++++++++++++-
 1 file changed, 36 insertions(+), 1 deletion(-)

diff --git a/jcc.c b/jcc.c
index 8f408e8c..0d6ef70c 100644
--- a/jcc.c
+++ b/jcc.c
@@ -1,4 +1,4 @@
-const char jcc_rcs[] = "$Id: jcc.c,v 1.171 2008/03/27 18:27:25 fabiankeil Exp $";
+const char jcc_rcs[] = "$Id: jcc.c,v 1.172 2008/04/16 16:38:21 fabiankeil Exp $";
 /*********************************************************************
  *
  * File        :  $Source: /cvsroot/ijbswa/current/jcc.c,v $
@@ -33,6 +33,10 @@ const char jcc_rcs[] = "$Id: jcc.c,v 1.171 2008/03/27 18:27:25 fabiankeil Exp $"
  *
  * Revisions   :
  *    $Log: jcc.c,v $
+ *    Revision 1.172  2008/04/16 16:38:21  fabiankeil
+ *    Don't pass the whole csp structure to flush_socket()
+ *    when it only needs a file descriptor and a buffer.
+ *
  *    Revision 1.171  2008/03/27 18:27:25  fabiankeil
  *    Remove kill-popups action.
  *
@@ -1184,6 +1188,14 @@ static const char NO_SERVER_DATA_RESPONSE[] =
    "Empty server or forwarder response.\r\n"
    "The connection has been closed but Privoxy didn't receive any data.\r\n";
 
+/* XXX: should be a template */
+static const char INVALID_SERVER_HEADERS_RESPONSE[] =
+   "HTTP/1.0 502 Server or forwarder response invalid\r\n"
+   "Proxy-Agent: Privoxy " VERSION "\r\n"
+   "Content-Type: text/plain\r\n"
+   "Connection: close\r\n\r\n"
+   "Bad response. The server or forwarder response doesn't look like HTTP.\r\n";
+
 #if 0
 /* XXX: should be a template */
 static const char NULL_BYTE_RESPONSE[] =
@@ -2662,6 +2674,29 @@ static void chat(struct client_state *csp)
                return;
             }
 
+            assert(csp->headers->first->str);
+            assert(!http->ssl);
+            if (strncmpic(csp->headers->first->str, "HTTP", 4))
+            {
+               /*
+                * It doesn't look like a HTTP response:
+                * tell the client and log the problem.
+                */
+               if (strlen(csp->headers->first->str) > 30)
+               {
+                  csp->headers->first->str[30] = '\0';
+               }
+               log_error(LOG_LEVEL_ERROR,
+                  "Invalid server or forwarder response. Starts with: %s",
+                  csp->headers->first->str);
+               log_error(LOG_LEVEL_CLF,
+                  "%s - - [%T] \"%s\" 502 0", csp->ip_addr_str, http->cmd);
+               write_socket(csp->cfd, INVALID_SERVER_HEADERS_RESPONSE,
+                  strlen(INVALID_SERVER_HEADERS_RESPONSE));
+               free_http_request(http);
+               return;
+            }
+
             /* we have now received the entire header.
              * filter it and send the result to the client
              */
-- 
2.39.2