Sanitize HTTP parsing
Closed this issue · 0 comments
deba12 commented
When input is invalid
for example GET / \r\n\r\n
we get stack trace
Unhandled Error
Traceback (most recent call last):
File "/usr/local/lib/pypy2.7/dist-packages/Twisted-15.4.0-py2.7-linux-x86_64.egg/twisted/python/log.py", line 101, in callWithLogger
return callWithContext({"system": lp}, func, *args, **kw)
File "/usr/local/lib/pypy2.7/dist-packages/Twisted-15.4.0-py2.7-linux-x86_64.egg/twisted/python/log.py", line 84, in callWithContext
return context.call({ILogContext: newCtx}, func, *args, **kw)
File "/usr/local/lib/pypy2.7/dist-packages/Twisted-15.4.0-py2.7-linux-x86_64.egg/twisted/python/context.py", line 118, in callWithContext
return self.currentContext().callWithContext(ctx, func, *args, **kw)
File "/usr/local/lib/pypy2.7/dist-packages/Twisted-15.4.0-py2.7-linux-x86_64.egg/twisted/python/context.py", line 81, in callWithContext
return func(*args,**kw)
--- <exception caught here> ---
File "/usr/local/lib/pypy2.7/dist-packages/Twisted-15.4.0-py2.7-linux-x86_64.egg/twisted/internet/posixbase.py", line 597, in _doReadOrWrite
why = selectable.doRead()
File "/usr/local/lib/pypy2.7/dist-packages/Twisted-15.4.0-py2.7-linux-x86_64.egg/twisted/internet/tcp.py", line 209, in doRead
return self._dataReceived(data)
File "/usr/local/lib/pypy2.7/dist-packages/Twisted-15.4.0-py2.7-linux-x86_64.egg/twisted/internet/tcp.py", line 215, in _dataReceived
rval = self.protocol.dataReceived(data)
File "/usr/local/lib/pypy2.7/dist-packages/sstp_server-0.3.6-py2.7-linux-x86_64.egg/sstpd/sstp.py", line 32, in dataReceived
self.httpDataReceived(data)
File "/usr/local/lib/pypy2.7/dist-packages/sstp_server-0.3.6-py2.7-linux-x86_64.egg/sstpd/sstp.py", line 53, in httpDataReceived
method, uri, version = requestLine.split()
exceptions.ValueError: expected length 3, got 1
I think there have to be proper input sanitize :)