diff options
author | naruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2018-03-28 09:26:10 +0000 |
---|---|---|
committer | naruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2018-03-28 09:26:10 +0000 |
commit | b15f9b622f1f988f5a23036b74be9bbfc28056ad (patch) | |
tree | 247853d8067800ad2daaa52b0606e8d77f752797 /test | |
parent | c3e2c261e08260fce94a223fe904eb149144296e (diff) |
webrick/httprequest: limit request headers size
We use the same 112 KB limit started (AFAIK) by Mongrel, Thin,
and Puma to prevent malicious users from using up all the memory
with a single request. This also limits the damage done by
excessive ranges in multipart Range: requests.
Due to the way we rely on IO#gets and the desire to keep
the code simple, the actual maximum header may be 4093 bytes
larger than 112 KB, but we're splitting hairs at that point.
* lib/webrick/httprequest.rb: define MAX_HEADER_LENGTH
(read_header): raise when headers exceed max length
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_5@62979 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'test')
-rw-r--r-- | test/webrick/test_httpserver.rb | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/test/webrick/test_httpserver.rb b/test/webrick/test_httpserver.rb index daeb7b955e..070422f48c 100644 --- a/test/webrick/test_httpserver.rb +++ b/test/webrick/test_httpserver.rb @@ -440,4 +440,21 @@ class TestWEBrickHTTPServer < Test::Unit::TestCase s&.shutdown th&.join end + + def test_gigantic_request_header + log_tester = lambda {|log, access_log| + assert_equal 1, log.size + assert log[0].include?('ERROR headers too large') + } + TestWEBrick.start_httpserver({}, log_tester){|server, addr, port, log| + server.mount('/', WEBrick::HTTPServlet::FileHandler, __FILE__) + TCPSocket.open(addr, port) do |c| + c.write("GET / HTTP/1.0\r\n") + junk = -"X-Junk: #{' ' * 1024}\r\n" + assert_raise(Errno::ECONNRESET, Errno::EPIPE) do + loop { c.write(junk) } + end + end + } + end end |