moonbridge

changeset 46:ac37c1f28d71

Treat multipart/form-data protocol errors and chunked transfer-encoding protocol errors as I/O errors
author jbe
date Thu Mar 19 19:12:31 2015 +0100 (2015-03-19)
parents ab51824e139b
children 1e6cf8d0e758
files moonbridge_http.lua
line diff
     1.1 --- a/moonbridge_http.lua	Thu Mar 19 16:54:50 2015 +0100
     1.2 +++ b/moonbridge_http.lua	Thu Mar 19 19:12:31 2015 +0100
     1.3 @@ -652,7 +652,7 @@
     1.4                        headerdata = remaining
     1.5                        local header_key, header_value = string.match(line, "^([^:]*):[ \t]*(.-)[ \t]*$")
     1.6                        if not header_key then
     1.7 -                        error("Invalid header in multipart/form-data part")
     1.8 +                        assert_io(false, "Invalid header in multipart/form-data part")
     1.9                        end
    1.10                        header_key = string.lower(header_key)
    1.11                        if header_key == "content-disposition" then
    1.12 @@ -674,7 +674,7 @@
    1.13                        elseif header_key == "content-type" then
    1.14                          metadata.content_type = header_value
    1.15                        elseif header_key == "content-transfer-encoding" then
    1.16 -                        error("Content-transfer-encoding not supported by multipart/form-data parser")
    1.17 +                        assert_io(false, "Content-transfer-encoding not supported by multipart/form-data parser")
    1.18                        end
    1.19                      end
    1.20                    end
    1.21 @@ -702,7 +702,7 @@
    1.22                          bigchunk = nil
    1.23                          return
    1.24                        else
    1.25 -                        error("Error while parsing multipart body (expected CRLF or double minus)")
    1.26 +                        assert_io(false, "Error while parsing multipart body (expected CRLF or double minus)")
    1.27                        end
    1.28                      end
    1.29                      local pos1, pos2 = string.find(bigchunk, boundary, 1, true)
    1.30 @@ -728,11 +728,11 @@
    1.31                    end
    1.32                  end)
    1.33                  if not terminated then
    1.34 -                  error("Premature end of multipart/form-data request body")
    1.35 +                  assert_io(false, "Premature end of multipart/form-data request body")
    1.36                  end
    1.37                  request.post_metadata_list, request.post_metadata = post_metadata_list, post_metadata
    1.38                else
    1.39 -                error("Unknown Content-Type of request body")
    1.40 +                assert_io(false, "Unknown Content-Type of request body")
    1.41                end
    1.42              end
    1.43            end
    1.44 @@ -759,13 +759,8 @@
    1.45            if request.headers_flags["Transfer-Encoding"]["chunked"] then
    1.46              while true do
    1.47                local line = socket:readuntil("\n", 32 + remaining_body_size_limit)
    1.48 -              if not (
    1.49 -                line and (
    1.50 -                  string.match(line, "^[0-9A-Fa-f]+\r?$") or
    1.51 -                  string.match(line, "^[0-9A-Fa-f]+[ \t;]")
    1.52 -                )
    1.53 -              ) then
    1.54 -                assert_io(false, "Unexpected EOF or read error while reading next chunk of request body")
    1.55 +              if not line then
    1.56 +                assert_io(false, "Unexpected EOF while reading next chunk of request body")
    1.57                end
    1.58                local zeros, lenstr = string.match(line, "^(0*)([1-9A-Fa-f]+[0-9A-Fa-f]*)\r?\n$")
    1.59                local chunkext
    1.60 @@ -775,18 +770,18 @@
    1.61                  zeros, lenstr, chunkext = string.match(line, "^(0*)([1-9A-Fa-f]+[0-9A-Fa-f]*)([ \t;].-)\r?\n$")
    1.62                end
    1.63                if not lenstr or #lenstr > 13 then
    1.64 -                error("Encoding error while reading chunk of request body")
    1.65 +                assert_io(false, "Encoding error or unexpected EOF or read error while reading chunk of request body")
    1.66                end
    1.67                local len = tonumber("0x" .. lenstr)
    1.68                remaining_body_size_limit = remaining_body_size_limit - (#zeros + #chunkext + len)
    1.69                if remaining_body_size_limit < 0 then
    1.70 -                error("Request body size limit exceeded")
    1.71 +                assert_io(false, "Request body size limit exceeded")
    1.72                end
    1.73                if len == 0 then break end
    1.74                read_body_bytes(len, callback)
    1.75                local term = socket:readuntil("\n", 2)
    1.76                if term ~= "\r\n" and term ~= "\n" then
    1.77 -                error("Encoding error while reading chunk of request body")
    1.78 +                assert_io(false, "Encoding error while reading chunk of request body")
    1.79                end
    1.80              end
    1.81              while true do
    1.82 @@ -794,7 +789,7 @@
    1.83                if line == "\r\n" or line == "\n" then break end
    1.84                remaining_body_size_limit = remaining_body_size_limit - #line
    1.85                if remaining_body_size_limit < 0 then
    1.86 -                error("Request body size limit exceeded while reading trailer section of chunked request body")
    1.87 +                assert_io(false, "Request body size limit exceeded while reading trailer section of chunked request body")
    1.88                end
    1.89              end
    1.90            elseif request_body_content_length then

Impressum / About Us