CIncomingConnection: Reject long input lines

This should make DoS attacks that try to make znc eat lots of memory a lot
harder to do (= Don't bother trying).


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@2124 726aef4b-f618-498e-8847-2d620e286838
psychon
2010-09-08 17:41:10 +00:00
parent 20a9002953
commit f9d2f614db
2 changed files with 14 additions and 0 deletions
+13
@@ -76,6 +76,19 @@ CIncomingConnection::CIncomingConnection(const CString& sHostname, unsigned shor
EnableReadLine();
}
void CIncomingConnection::ReachedMaxBuffer() {
if (GetCloseType() != CLT_DONT)
return; // Already closing
// We don't actually SetMaxBufferThreshold() because that would be
// inherited by sockets after SwapSockByAddr().
if (GetInternalReadBuffer().length() <= 4096)
return;
// We should never get here with legitimate requests :/
Close();
}
void CIncomingConnection::ReadLine(const CString& sLine) {
bool bIsHTTP = (sLine.WildCmp("GET * HTTP/1.?\r\n") || sLine.WildCmp("POST * HTTP/1.?\r\n"));
bool bAcceptHTTP = (m_eAcceptType == CListener::ACCEPT_ALL)
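Review bot: ReachedMaxBuffer() closes the connection silently and compares against a bare `4096`, so an operator gets no trace of a rejected oversized line and the limit is not named anywhere. I would give the limit a name, e.g. `static const size_t MAX_PREAUTH_LINE = 4096;`, and log before `Close()`, e.g. `DEBUG(GetSockName() << ": closing connection, unterminated line exceeds limit");` (assuming the DEBUG macro is usable in this file). The existing comment is also worth extending to say that this hook only fires once the socket library's own buffer threshold is crossed, which is configured outside this hunk, and that the limit covers only this pre-handshake socket, not whichever socket takes over after SwapSockByAddr().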