fix handling of HTTP body length

Partial content bytes range length value and content length value
should not be stored in the same variable. An attacker could override
a given Content-Length or Content-Range with a smaller value to
evade HTTP content.
This commit is contained in:
jbencteux 2018-04-13 14:23:14 +02:00 committed by Jon Siwek
parent 2a01c70837
commit c0cc4ef192
2 changed files with 23 additions and 1 deletions

View file

@ -55,6 +55,7 @@ protected:
HTTP_Message* http_message;
int chunked_transfer_state;
int64_t content_length;
int64_t range_length;
int64_t expect_data_length;
int expect_body;
int64_t body_length;