joswa / mongoose

Automatically exported from code.google.com/p/mongoose
MIT License
0 stars 0 forks source link

Invalid content length from client crashes Mongoose #354

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. Find a user agent which will send an invalid content length
2. Send a request through this user agent
3. Mongoose crashes

What is the expected output? What do you see instead?
Expected successful completion of request and response; instead Mongoose crashes

What version of the product are you using? On what operating system?
Using Mongoose 3.1 on Windows 7.

Please provide any additional information below.

Mongoose crashes when it fails the assertion in mg_read(), line 1399 of 
mongoose.c. A particularly prevalent example of this that I have run across is 
that the popular Firefox browser sends an invalid content length when trying to 
upload large files (see https://bugzilla.mozilla.org/show_bug.cgi?id=215450). 
In this case, it appears that the content length received from Firefox overruns 
the data type and a very large negative value is received by Mongoose, thus 
causing the assertion at the top of mg_read() to fail. I need to check further 
to see if this incorrect value is actually sent in from the Firefox or if 
Mongoose causes this value to be incorrect at some point. I have successfully 
tested large uploads in Chrome 18 and Internet Explorer 9.

Original issue reported on code.google.com by tay.stu...@gmail.com on 14 May 2012 at 7:46

GoogleCodeExporter commented 9 years ago
Fixed in the head, please confirm the fix!

Original comment by valenok on 6 Jun 2012 at 6:04

GoogleCodeExporter commented 9 years ago
Tested successfully

Original comment by tay.stu...@gmail.com on 14 Sep 2012 at 2:01