From 9a62e48662f6328515ebf256e24762d856b8ce15 Mon Sep 17 00:00:00 2001 From: Mikko Rasa Date: Fri, 27 Sep 2019 02:03:57 +0300 Subject: [PATCH] Fix several errors in FormData parsing It was terminating early if a part happened to be of certain length. Extra whitespace was included at the end of parts and there was also an out-of-bounds memory access. --- source/http/formdata.cpp | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/source/http/formdata.cpp b/source/http/formdata.cpp index 182c5bb..9897bc5 100644 --- a/source/http/formdata.cpp +++ b/source/http/formdata.cpp @@ -53,15 +53,15 @@ void FormData::parse_multipart(const Request &req, const string &boundary) if(is_boundary) { - /* The CRLF preceding the boundary delimiter is treated as part - of the delimiter as per RFC 2046 */ - string::size_type part_end = line_start-1; - if(content[part_end-1]=='\r') - --part_end; - if(part_start>0) { - SubMessage part = SubMessage::parse(content.substr(part_start, line_start-part_start)); + /* The CRLF preceding the boundary delimiter is treated as part + of the delimiter as per RFC 2046 */ + string::size_type part_end = line_start-1; + if(content[part_end-1]=='\r') + --part_end; + + SubMessage part = SubMessage::parse(content.substr(part_start, part_end-part_start)); Header content_disposition(part, "Content-Disposition"); const Header::Value &cd_value = content_disposition.values.at(0); if(cd_value.value=="form-data") @@ -72,10 +72,10 @@ void FormData::parse_multipart(const Request &req, const string &boundary) } part_start = lf+1; - } - if(!content.compare(line_start+2+boundary.size(), 2, "--")) - break; + if(!content.compare(line_start+2+boundary.size(), 2, "--")) + break; + } line_start = lf+1; } -- 2.43.0