At the end of parsing the http response header do some sanity checks

mirror of https://github.com/openbsd/src.git synced 2026-04-16 10:14:35 +00:00

to ensure that the response includes all needed data.

Right now only the presence of a Location header is checked if a HTTP
redirect was returned (e.g. a 301 status).

Different fix for a report from Daniel Anderson
OK tb@

This commit is contained in:

claudio

2026-04-09 18:35:49 +00:00

parent 7bdd0d20c1

commit f97bb3898e

1 changed files with 8 additions and 3 deletions

									
										11

usr.sbin/rpki-client/http.c
									
												View File
												
				@@ -1,4 +1,4 @@

				/*	$OpenBSD: http.c,v 1.101 2026/03/27 08:10:46 job Exp $ */

				/*	$OpenBSD: http.c,v 1.102 2026/04/09 18:35:49 claudio Exp $ */

				/*

				 * Copyright (c) 2020 Nils Fisher <nils_fisher@hotmail.com>

				 * Copyright (c) 2020 Claudio Jeker <claudio@openbsd.org>

				@@ -1381,9 +1381,14 @@ http_parse_header(struct http_connection *conn, char *buf)

					cp = buf;

					/* empty line, end of header */

					if (*cp == '\0')

					if (*cp == '\0') {

						/* check consistency of header fields */

						if (http_isredirect(conn) && conn->redir_uri == NULL) {

							warnx("%s: redirect with no location", conn->req->uri);

							return -1;

						}

						return 0;

					else if (strncasecmp(cp, CONTENTLEN, sizeof(CONTENTLEN) - 1) == 0) {

					} else if (strncasecmp(cp, CONTENTLEN, sizeof(CONTENTLEN) - 1) == 0) {

						cp += sizeof(CONTENTLEN) - 1;

						cp += strspn(cp, " \t");

						conn->iosz = strtonum(cp, 0, MAX_CONTENTLEN, &errstr);

At the end of parsing the http response header do some sanity checks

11 usr.sbin/rpki-client/http.c Unescape Escape View File

11

usr.sbin/rpki-client/http.c

View File