diff options
| author | Xavier Del Campo Romero <xavi.dcr@tutanota.com> | 2023-03-04 02:34:55 +0100 |
|---|---|---|
| committer | Xavier Del Campo Romero <xavi.dcr@tutanota.com> | 2023-07-20 23:52:51 +0200 |
| commit | 0e8e6c3742b6596df661a0bceeb8e97d50f96444 (patch) | |
| tree | 1c2d5e183ecd8a4d56090cf1b6391522bde4f521 | |
| parent | 67ffb772b7488b84e37e6880290820fc54434b33 (diff) | |
| download | libweb-0e8e6c3742b6596df661a0bceeb8e97d50f96444.tar.gz | |
http.c: Improve error detection for strotull(3)
set_length relies on user input to determine Content-Length, so it
should be considered unreliable.
| -rw-r--r-- | http.c | 13 |
1 files changed, 12 insertions, 1 deletions
@@ -562,7 +562,18 @@ failure: static int set_length(struct http_ctx *const h, const char *const len) { - h->ctx.post.len = strtoull(len, NULL, 10); + char *end; + + errno = 0; + h->ctx.post.len = strtoull(len, &end, 10); + + if (errno || *end != '\0') + { + fprintf(stderr, "%s: invalid length %s: %s\n", + __func__, len, strerror(errno)); + return 1; + } + return 0; } |