From 511483e12c1ce2e558d9f7a90573a46015319e5e Mon Sep 17 00:00:00 2001 From: levlam Date: Sat, 25 Nov 2023 02:34:37 +0300 Subject: [PATCH] Fail HTTP request reading if unexpected end of data reached. --- tdnet/td/net/HttpReader.cpp | 10 ++++++++++ tdnet/td/net/HttpReader.h | 2 ++ tdutils/td/utils/ByteFlow.h | 2 ++ 3 files changed, 14 insertions(+) diff --git a/tdnet/td/net/HttpReader.cpp b/tdnet/td/net/HttpReader.cpp index 953495c1d..d479d28e1 100644 --- a/tdnet/td/net/HttpReader.cpp +++ b/tdnet/td/net/HttpReader.cpp @@ -43,6 +43,16 @@ Result HttpReader::read_next(HttpQuery *query, bool can_be_slow) { CHECK(query_ == nullptr); query_ = query; } + + auto r_size = do_read_next(can_be_slow); + if (state_ != State::ReadHeaders && flow_sink_.is_ready() && r_size.is_ok() && r_size.ok() > 0) { + CHECK(flow_sink_.status().is_ok()); + return Status::Error(400, "Bad Request: unexpected end of request content"); + } + return r_size; +} + +Result HttpReader::do_read_next(bool can_be_slow) { size_t need_size = input_->size() + 1; while (true) { if (state_ != State::ReadHeaders) { diff --git a/tdnet/td/net/HttpReader.h b/tdnet/td/net/HttpReader.h index 4c360435d..8f5be2a33 100644 --- a/tdnet/td/net/HttpReader.h +++ b/tdnet/td/net/HttpReader.h @@ -87,6 +87,8 @@ class HttpReader { string temp_file_name_; int64 file_size_ = 0; + Result do_read_next(bool can_be_slow); + Result split_header() TD_WARN_UNUSED_RESULT; void process_header(MutableSlice header_name, MutableSlice header_value); Result parse_multipart_form_data(bool can_be_slow) TD_WARN_UNUSED_RESULT; diff --git a/tdutils/td/utils/ByteFlow.h b/tdutils/td/utils/ByteFlow.h index 0d228abcf..56be77f14 100644 --- a/tdutils/td/utils/ByteFlow.h +++ b/tdutils/td/utils/ByteFlow.h @@ -25,6 +25,7 @@ class ByteFlowInterface { virtual size_t get_write_size() = 0; virtual void reset_need_size() { } + ByteFlowInterface() = default; ByteFlowInterface(const ByteFlowInterface &) = delete; ByteFlowInterface &operator=(const ByteFlowInterface &) = delete; @@ -139,6 +140,7 @@ class ByteFlowBaseCommon : public ByteFlowInterface { bool can_read{true}; bool can_write{true}; Options options_; + void finish(Status status) { stop_flag_ = true; need_size_ = 0;