From 8646cecb785e8ac426527daedc1eb35e27f2edca Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 27 Sep 2009 21:34:13 +0000 Subject: - I introduced a maximum limit for received HTTP headers. It is controlled by the define CURL_MAX_HTTP_HEADER which is even exposed in the public header file to allow for users to fairly easy rebuild libcurl with a modified limit. The rationale for a fixed limit is that libcurl is realloc()ing a buffer to be able to put a full header into it, so that it can call the header callback with the entire header, but that also risk getting it into trouble if a server by mistake or willingly sends a header that is more or less without an end. The limit is set to 100K. --- include/curl/curl.h | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'include') diff --git a/include/curl/curl.h b/include/curl/curl.h index 34da873b6..4b79eca9f 100644 --- a/include/curl/curl.h +++ b/include/curl/curl.h @@ -178,6 +178,15 @@ typedef int (*curl_progress_callback)(void *clientp, time for those who feel adventurous. */ #define CURL_MAX_WRITE_SIZE 16384 #endif + +#ifndef CURL_MAX_HTTP_HEADER +/* The only reason to have a max limit for this is to avoid the risk of a bad + server feeding libcurl with a never-ending header that will cause reallocs + infinitely */ +#define CURL_MAX_HTTP_HEADER (100*1024) +#endif + + /* This is a magic return code for the write callback that, when returned, will signal libcurl to pause receiving on the current transfer. */ #define CURL_WRITEFUNC_PAUSE 0x10000001 -- cgit v1.2.3