forked from xavi/libweb
http.c: Improve error detection for strotull(3)
set_length relies on user input to determine Content-Length, so it should be considered unreliable.
This commit is contained in:
parent
67ffb772b7
commit
0e8e6c3742
13
http.c
13
http.c
|
@ -562,7 +562,18 @@ failure:
|
|||
|
||||
static int set_length(struct http_ctx *const h, const char *const len)
|
||||
{
|
||||
h->ctx.post.len = strtoull(len, NULL, 10);
|
||||
char *end;
|
||||
|
||||
errno = 0;
|
||||
h->ctx.post.len = strtoull(len, &end, 10);
|
||||
|
||||
if (errno || *end != '\0')
|
||||
{
|
||||
fprintf(stderr, "%s: invalid length %s: %s\n",
|
||||
__func__, len, strerror(errno));
|
||||
return 1;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue