aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorDan Engelbrecht <[email protected]>2024-03-12 09:53:20 +0100
committerGitHub <[email protected]>2024-03-12 09:53:20 +0100
commite130e105d1de7c658b59ce5dd9a226129c318a2c (patch)
tree38eb33710a9ec970b52aee95e3e041990d915885 /src
parentfix zenserver state macos (#669) (diff)
downloadzen-e130e105d1de7c658b59ce5dd9a226129c318a2c.tar.xz
zen-e130e105d1de7c658b59ce5dd9a226129c318a2c.zip
http request parser safety (#664)
* make sure we don't add more headers than we support * don't capture for loop variables by reference for async work
Diffstat (limited to 'src')
-rw-r--r--src/zenhttp/servers/httpparser.cpp8
-rw-r--r--src/zenstore/cache/cachedisklayer.cpp4
2 files changed, 9 insertions, 3 deletions
diff --git a/src/zenhttp/servers/httpparser.cpp b/src/zenhttp/servers/httpparser.cpp
index c64134c95..0a1c5686a 100644
--- a/src/zenhttp/servers/httpparser.cpp
+++ b/src/zenhttp/servers/httpparser.cpp
@@ -124,6 +124,13 @@ void
HttpRequestParser::AppendCurrentHeader()
{
std::string_view HeaderName(m_CurrentHeaderName, m_CurrentHeaderNameLength);
+ if (m_Headers.size() == std::numeric_limits<int8_t>::max())
+ {
+ ZEN_WARN("HttpRequestParser parser only supports up to {} headers, can't store header '{}'. Dropping it.",
+ std::numeric_limits<int8_t>::max(),
+ HeaderName);
+ return;
+ }
std::string_view HeaderValue(m_CurrentHeaderValue, m_CurrentHeaderValueLength);
const uint32_t HeaderHash = HashStringAsLowerDjb2(HeaderName);
@@ -335,7 +342,6 @@ HttpRequestParser::ResetState()
m_CurrentHeaderNameLength = 0;
m_CurrentHeaderValue = nullptr;
m_CurrentHeaderValueLength = 0;
- m_CurrentHeaderName = nullptr;
m_Url = nullptr;
m_UrlLength = 0;
m_QueryString = nullptr;
diff --git a/src/zenstore/cache/cachedisklayer.cpp b/src/zenstore/cache/cachedisklayer.cpp
index b9cb89fc9..93c841e46 100644
--- a/src/zenstore/cache/cachedisklayer.cpp
+++ b/src/zenstore/cache/cachedisklayer.cpp
@@ -3511,7 +3511,7 @@ ZenCacheDiskLayer::DiscoverBuckets()
for (auto& BucketPath : FoundBucketDirectories)
{
WorkLatch.AddCount(1);
- Pool.ScheduleWork([&]() {
+ Pool.ScheduleWork([this, &WorkLatch, &SyncLock, BucketPath]() {
auto _ = MakeGuard([&]() { WorkLatch.CountDown(); });
const std::string BucketName = PathToUtf8(BucketPath.stem());
try
@@ -3627,7 +3627,7 @@ ZenCacheDiskLayer::Flush()
for (auto& Bucket : Buckets)
{
WorkLatch.AddCount(1);
- Pool.ScheduleWork([&]() {
+ Pool.ScheduleWork([&WorkLatch, Bucket]() {
auto _ = MakeGuard([&]() { WorkLatch.CountDown(); });
try
{
generated by cgit v1.2.3 (git 2.25.1) at 2026-03-20 21:29:14 +0000