Fix server crash caused due to regex complexity while matching headers. (#632)

* Fix parsing to parse query string with single space char. When passed ' ' as a query string, the server crashes cause of illegal memory access done in httplib::detail::split. Have added checks to make sure the split function has a valid string with length > 0. * Fix parsing to parse query string with single space char. * Fix server crash caused due to regex complexity while matching headers. While parsing content-type header in multipart form request the server crashes due to the exhaustion of max iterations performed while matching the input string with content-type regex. Have removed the regex which might use backtracking while matching and replaced it with manual string processing. Have added tests as well. * Remove magic number Co-authored-by: Ivan Fefer <fefer.ivan@gmail.com> Co-authored-by: yhirose <yhirose@users.noreply.github.com> Co-authored-by: Ivan Fefer <fefer.ivan@gmail.com>
2025-05-15 01:08:27 +00:00 · 2020-09-03 22:47:52 +05:30 · 2020-09-03 22:47:52 +05:30 · 852a374748
commit 852a374748
parent 3b5bab3308
2 changed files with 50 additions and 5 deletions
--- a/test/test.cc
+++ b/test/test.cc
@ -43,6 +43,23 @@ TEST(StartupTest, WSAStartup) {
  ASSERT_EQ(0, ret);
 }
 #endif
+TEST(TrimTests, TrimStringTests) {
+  {
+    std::string s = "abc";
+    detail::trim(s);
+    EXPECT_EQ("abc", s);
+  }
+  {
+    std::string s = "  abc  ";
+    detail::trim(s);
+    EXPECT_EQ("abc", s);
+  }
+  {
+    std::string s = "";
+    detail::trim(s);
+    EXPECT_TRUE( s.empty() );
+  }
+}

 TEST(SplitTest, ParseQueryString) {
  string s = "key1=val1&key2=val2&key3=val3";
@ -1082,7 +1099,7 @@ protected:
              })
        .Post("/multipart",
              [&](const Request &req, Response & /*res*/) {
-                EXPECT_EQ(5u, req.files.size());
+                EXPECT_EQ(6u, req.files.size());
                ASSERT_TRUE(!req.has_file("???"));
                ASSERT_TRUE(req.body.empty());

@ -1111,6 +1128,13 @@ protected:
                  EXPECT_EQ("application/octet-stream", file.content_type);
                  EXPECT_EQ(0u, file.content.size());
                }
+
+                {
+                  const auto &file = req.get_file_value("file4");
+                  EXPECT_TRUE(file.filename.empty());
+                  EXPECT_EQ(0u, file.content.size());
+                  EXPECT_EQ("application/json  tmp-string", file.content_type);
+                }
              })
        .Post("/empty",
              [&](const Request &req, Response &res) {
@ -1803,6 +1827,7 @@ TEST_F(ServerTest, MultipartFormData) {
      {"file1", "h\ne\n\nl\nl\no\n", "hello.txt", "text/plain"},
      {"file2", "{\n  \"world\", true\n}\n", "world.json", "application/json"},
      {"file3", "", "", "application/octet-stream"},
+      {"file4", "", "", "   application/json  tmp-string    "}
  };

  auto res = cli_.Post("/multipart", items);