Open SiarheiVolkau opened 4 years ago
Problem Description
esp_http_server vulnerability/bug which leads to denial of service.
Uploading a relatively big file to any (even nonexistent) endpoint causes a watchdog reboot from the second upload attempt.
Expected Behavior
Invalid HTTP request should be handled gracefully.
Actual Behavior
Reboot by watchdog.
Steps to reproduce
Build and flash any HTTP server example (see sdk/examples/protocols/http_server)
Send a relatively big file (~300kB used in this test) to the device via cURL
curl -v http://[your IP]:[your port]/abcd --upload-file some/big/file.txt
device reports:
...
W (65429) httpd_uri: httpd_uri: URI '/abcd' not found
W (65432) httpd_txrx: httpd_resp_send_err: 404 Not Found - This URI doesn't exist
seems ok at this moment.
send file again:
oops:
Task watchdog got triggered.
Guru Meditation Error: Core 0 panic'ed (unknown). Exception was unhandled.
Core 0 register dump:
PC : 0x40241de7 PS : 0x00000030 A0 : 0x40241dfc A1 : 0x3fff40c0
A2 : 0x00000000 A3 : 0x00000001 A4 : 0x00000000 A5 : 0x00000041
A6 : 0x00000020 A7 : 0x00000000 A8 : 0x00000003 A9 : 0x2c01cf46
A10 : 0x3fff03cc A11 : 0x00000001 A12 : 0x00000003 A13 : 0x0000001f
A14 : 0x00000003 A15 : 0x3fff4160 SAR : 0x00000017 EXCCAUSE: 0x0000001f
Backtrace: 0x40241de7:0x3fff40c0 0x40241dfc:0x3fff40f0 0x4023a6c0:0x3fff4100 0x4023a315:0x3fff4110 0x4023a34c:0x3fff4140 0x4023a659:0x3fff4150 0x4023b140:0x3fff4160 0x4023b582:0x3fff4190 0x40239e00:0x3fff41a0 0x40239e6c:0x3fff41c0
ets Jan 8 2013,rst cause:4, boot mode:(3,6)
wdt reset
load 0x40100000, len 7168, room 16
tail 0
chksum 0x95
load 0x3ffe8408, len 24, room 8
tail 0
chksum 0x1c
load 0x3ffe8420, len 3548, room 8
tail 4
chksum 0x67
csum 0x67
Seems like fixed in master branch dda5062c but not in release/v3.3 yet.
master
release/v3.3
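Added example, not part of the original report or the SDK: a triage script for serial captures like the one in this report. It groups each watchdog/panic event with the last log lines seen before it and builds an addr2line command for the backtrace PCs. The sample log is abridged from the report, and the ELF path is a placeholder.

```python
import re

# Sample capture, abridged from the serial output quoted in the report.
SAMPLE_LOG = """\
W (65429) httpd_uri: httpd_uri: URI '/abcd' not found
W (65432) httpd_txrx: httpd_resp_send_err: 404 Not Found - This URI doesn't exist
Task watchdog got triggered.
Guru Meditation Error: Core 0 panic'ed (unknown). Exception was unhandled.
PC : 0x40241de7 PS : 0x00000030 A0 : 0x40241dfc A1 : 0x3fff40c0
Backtrace: 0x40241de7:0x3fff40c0 0x40241dfc:0x3fff40f0 0x4023a6c0:0x3fff4100
 ets Jan 8 2013,rst cause:4, boot mode:(3,6)
wdt reset
"""

LOG_RE = re.compile(r"^([EWID]) \((\d+)\) ([^:]+): (.*)$")   # "W (65429) tag: message"
BT_RE = re.compile(r"(0x[0-9a-fA-F]{8}):0x[0-9a-fA-F]{8}")   # PC:SP pairs in the backtrace
RST_RE = re.compile(r"rst cause:(\d+)")                      # ROM boot banner after the reset

def triage(log_text):
    """Return one record per crash: watchdog flag, backtrace PCs, reset cause, prior log lines."""
    crashes, recent, current = [], [], None
    for line in log_text.splitlines():
        line = line.strip()
        m = LOG_RE.match(line)
        if m:  # ordinary log line: remember the last three as context
            recent = (recent + [m.group(3) + ": " + m.group(4)])[-3:]
            continue
        if "Task watchdog got triggered" in line or line.startswith("Guru Meditation Error"):
            if current is None:
                current = {"watchdog": False, "pcs": [], "rst_cause": None,
                           "context": list(recent)}
                crashes.append(current)
            current["watchdog"] |= "watchdog" in line
        elif current is not None and line.startswith("Backtrace:"):
            current["pcs"] = BT_RE.findall(line)
        elif current is not None and (r := RST_RE.search(line)):
            current["rst_cause"] = int(r.group(1))
            current, recent = None, []  # the boot banner closes the record
    return crashes

def addr2line_cmd(crash, elf="build/app.elf"):  # ELF path is a placeholder
    """Command that resolves the backtrace PCs to function names and source lines."""
    return ["xtensa-lx106-elf-addr2line", "-pfiaC", "-e", elf] + crash["pcs"]

if __name__ == "__main__":
    for c in triage(SAMPLE_LOG):
        print("rst cause", c["rst_cause"], "| last log:", c["context"][-1])
        print(" ".join(addr2line_cmd(c)))
```
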