From a91a0b7dbfaaac6c8f494c60e14beb6a6918c2aa Mon Sep 17 00:00:00 2001 From: yhirose Date: Wed, 10 Apr 2019 12:21:42 -0400 Subject: [PATCH] Fix #140 --- httplib.h | 17 +++++++++++++++++ test/test.cc | 2 +- 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/httplib.h b/httplib.h index 97b41da..ca0d873 100644 --- a/httplib.h +++ b/httplib.h @@ -85,6 +85,7 @@ typedef int socket_t; */ #define CPPHTTPLIB_KEEPALIVE_TIMEOUT_SECOND 5 #define CPPHTTPLIB_KEEPALIVE_TIMEOUT_USECOND 0 +#define CPPHTTPLIB_REQUEST_URI_MAX_LENGTH 8192 namespace httplib { @@ -430,6 +431,14 @@ public: } } + size_t size() const { + if (glowable_buffer_.empty()) { + return fixed_buffer_used_size_; + } else { + return glowable_buffer_.size(); + } + } + bool getline() { fixed_buffer_used_size_ = 0; glowable_buffer_.clear(); @@ -772,6 +781,7 @@ inline const char* status_message(int status) case 400: return "Bad Request"; case 403: return "Forbidden"; case 404: return "Not Found"; + case 414: return "Request-URI Too Long"; case 415: return "Unsupported Media Type"; default: case 500: return "Internal Server Error"; @@ -1921,6 +1931,13 @@ inline bool Server::process_request(Stream& strm, bool last_connection, bool& co res.version = "HTTP/1.1"; + // Check if the request URI doesn't exceed the limit + if (reader.size() > CPPHTTPLIB_REQUEST_URI_MAX_LENGTH) { + res.status = 414; + write_response(strm, last_connection, req, res); + return true; + } + // Request line and headers if (!parse_request_line(reader.ptr(), req) || !detail::read_headers(strm, req.headers)) { res.status = 400; diff --git a/test/test.cc b/test/test.cc index 2e6e6fd..de8f96c 100644 --- a/test/test.cc +++ b/test/test.cc @@ -757,7 +757,7 @@ TEST_F(ServerTest, LongQueryValue) auto res = cli_.Get(LONG_QUERY_URL.c_str()); ASSERT_TRUE(res != nullptr); - EXPECT_EQ(200, res->status); + EXPECT_EQ(414, res->status); } TEST_F(ServerTest, TooLongHeader)