From f8d5fd3d89f98dd2c18ccfafe51e163998e4f4fd Mon Sep 17 00:00:00 2001
From: Fabian Keil
Date: Sat, 24 Jan 2015 16:42:57 +0000
Subject: [PATCH] Prevent parse errors after failing to deliver a client request with body

For now we err on the safe side and simply throw all the following requests under the bus, even if no client body has been buffered. A compliant client will repeat the dropped requests on an untainted connection. The proper fix is to discard the no longer needed client body in the buffer (if there is one) and to continue parsing the bytes that follow. This is less trivial and will have to wait until the next release. Reported by Basil Hussain.
---
 jcc.c | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)
diff --git a/jcc.c b/jcc.c
index 2ad98ab4..00c92c1f 100644
--- a/jcc.c
+++ b/jcc.c
@@ -1,4 +1,4 @@
-const char jcc_rcs[] = "$Id: jcc.c,v 1.433 2015/01/24 16:40:37 fabiankeil Exp $";
+const char jcc_rcs[] = "$Id: jcc.c,v 1.434 2015/01/24 16:41:20 fabiankeil Exp $";
 /*********************************************************************
 *
 * File : $Source: /cvsroot/ijbswa/current/jcc.c,v $
@@ -1956,6 +1956,21 @@ static void chat(struct client_state *csp)
 send_crunch_response(csp, rsp);
 }
+ /*
+ * Temporary workaround to prevent already-read client
+ * bodies from being parsed as new requests. For now we
+ * err on the safe side and throw all the following
+ * requests under the bus, even if no client body has been
+ * buffered. A compliant client will repeat the dropped
+ * requests on an untainted connection.
+ *
+ * The proper fix is to discard the no longer needed
+ * client body in the buffer (if there is one) and to
+ * continue parsing the bytes that follow.
+ */
+ drain_and_close_socket(csp->cfd);
+ csp->cfd = JB_INVALID_SOCKET;
+ return;
 }
 #ifdef FEATURE_CONNECTION_KEEP_ALIVE
-- 
2.39.2
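Review bot: The new early exit in the second hunk closes the client socket without logging anything, so when pipelined requests are dropped after a failed delivery there is no record of why the connection went away; a line before the close such as `log_error(LOG_LEVEL_CONNECT, "Closing client socket %d after failed request delivery. Pending requests are discarded.", csp->cfd);` would make that visible. Closing unconditionally is the right fail-safe against leftover body bytes being parsed as a new request, but the guard sits in only this one error branch, and whether other early returns in chat() that can leave a buffered client body need the same treatment cannot be judged from the hunk. Because `csp->cfd` is `JB_INVALID_SOCKET` when chat() returns on this path, its callers should be checked for tolerating an invalid client socket before they close it or reuse it for keep-alive. The enclosing error branch and chat() itself start and end outside the hunk.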