From b7f232366c03dad8afbbb8ed5ba44314e42b13fd Mon Sep 17 00:00:00 2001 From: Xavier Del Campo Romero Date: Tue, 20 Feb 2024 00:17:40 +0100 Subject: main.c: Force valid cookie on check_length Otherwise, a malicious user could send multipart/form-data requests without a valid cookie. --- main.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/main.c b/main.c index fd47140..b88d77b 100644 --- a/main.c +++ b/main.c @@ -897,7 +897,16 @@ static int check_length(const unsigned long long len, bool has_quota; unsigned long long quota; - if (auth_quota(a, username, &has_quota, "a)) + if (auth_cookie(a, c)) + { + fprintf(stderr, "%s: auth_cookie failed\n", __func__); + + if (page_forbidden(r)) + return -1; + + return 1; + } + else if (auth_quota(a, username, &has_quota, "a)) { fprintf(stderr, "%s: auth_quota failed\n", __func__); return -1; -- cgit v1.2.3