search

joswa / mongoose

Automatically exported from code.google.com/p/mongoose
MIT License
0 stars 0 forks source link

Avoid access violation in handle_proxy_request(..) #263

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
in mongoose.c (rev. 184), handle_proxy_request(..):

If the uri is NULL, an access violation will occur here:
struct mg_request_info *ri = &conn->request_info;
  char host[1025], buf[BUFSIZ];
  int port, is_ssl, len, i, n;

  DEBUG_TRACE(("URL: %s", ri->uri));
  if (conn->request_info.uri[0] == '/' ||
      (ri->uri == NULL || (len = parse_url(ri->uri, host, &port))) == 0) {
    return;
  }

Change to:
  struct mg_request_info *ri = &conn->request_info;
  char host[1025], buf[BUFSIZ];
  int port, is_ssl, len, i, n;

  DEBUG_TRACE(("URL: %s", ri->uri));
  if ((ri->uri == NULL || ri->uri[0] == '/' ||
      (len = parse_url(ri->uri, host, &port)) == 0) {
    return;
  }

I hope i've got recognized the intention of this piece of code.

Original issue reported on code.google.com by nullable...@gmail.com on 28 Jun 2011 at 12:08

GoogleCodeExporter commented 9 years ago 
Submitted 
https://code.google.com/p/mongoose/source/detail?r=cfb416fa0941ea5a6af8aa3c04f7c
16c1b62bb22, thank you.
I'm surprised the proxy support is used it is undocumented and highly 
experimental :-)

Original comment by valenok on 28 Jun 2011 at 2:35