[taler-merchant] 231/277: address 413 fixme
From: gnunet
Subject: [taler-merchant] 231/277: address 413 fixme
Date: Sun, 05 Jul 2020 20:52:24 +0200
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository merchant.
commit 5341e4d62ab3ff635af98c5fc2326ae9f717322f
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Sun Jun 21 12:05:56 2020 +0200
address 413 fixme
---
src/backend/taler-merchant-httpd.c | 51 ++++++++++++++++++++++
src/backend/taler-merchant-httpd.h | 11 +++++
.../taler-merchant-httpd_private-post-reserves.c | 1 +
3 files changed, 63 insertions(+)
diff --git a/src/backend/taler-merchant-httpd.c
b/src/backend/taler-merchant-httpd.c
index f3d8d75..314e65a 100644
--- a/src/backend/taler-merchant-httpd.c
+++ b/src/backend/taler-merchant-httpd.c
@@ -66,6 +66,11 @@
*/
#define UNIX_BACKLOG 500
+/**
+ * Default maximum upload size permitted. Can be overridden
+ * per handler.
+ */
+#define DEFAULT_MAX_UPLOAD_SIZE (16 * 1024)
/**
* Which currency do we use?
@@ -1029,6 +1034,22 @@ url_handler (void *cls,
{
int res;
+ if ( (hc->total_upload + *upload_data_size < hc->total_upload) ||
+ (hc->total_upload + *upload_data_size > hc->rh->max_upload) )
+ {
+ /* Client exceeds upload limit. Should _usually_ be checked earlier
+ when we look at the MHD_HTTP_HEADER_CONTENT_LENGTH, alas with
+ chunked encoding an uploader MAY have ommitted this, and thus
+ not permitted us to check on time. In this case, we just close
+ the connection once it exceeds our limit (instead of waiting
+ for the upload to complete and then fail). This could theoretically
+ cause some clients to retry, alas broken or malicious clients
+ are likely to retry anyway, so little we can do about it, and
+ failing earlier seems the best option here. *///
+ GNUNET_break_op (0);
+ return MHD_NO;
+ }
+ hc->total_upload += *upload_data_size;
res = TALER_MHD_parse_post_json (connection,
&hc->json_parse_context,
upload_data,
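Review bot: the limit test at the top of this hunk compares against hc->rh->max_upload directly, but the header documents 0 as meaning DEFAULT_MAX_UPLOAD_SIZE, and the Content-Length check later in this file substitutes the default when the field is 0. For a handler that leaves max_upload at 0, `hc->total_upload + *upload_data_size > hc->rh->max_upload` is true for any non-empty chunk, so the connection is closed with MHD_NO on the first body data. Resolve the effective limit once, the way `mul` is computed in the Content-Length hunk, and use it in both places. Minor: the comment ends with `*///` (stray slashes) and "ommitted" should be "omitted".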
@@ -1265,6 +1286,36 @@ url_handler (void *cls,
MHD_HTTP_METHOD_PATCH)) );
if (hc->has_body)
{
+ const char *cl;
+
+ cl = MHD_lookup_connection_value (connection,
+ MHD_HEADER_KIND,
+ MHD_HTTP_HEADER_CONTENT_LENGTH);
+ if (NULL != cl)
+ {
+ unsigned long long cv;
+ size_t mul = hc->rh->max_upload;
+
+ if (0 == mul)
+ mul = DEFAULT_MAX_UPLOAD_SIZE;
+ if (1 != sscanf (cl,
+ "%llu",
+ &cv))
+ {
+ /* Not valid HTTP request, just close connection. */
+ GNUNET_break_op (0);
+ return MHD_NO;
+ }
+ if (cv > mul)
+ {
+ GNUNET_break_op (0);
+ return TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_PAYLOAD_TOO_LARGE,
+ TALER_EC_UPLOAD_EXCEEDS_LIMIT,
+ "upload exceeds limit");
+ }
+ }
+
/* FIXME: Maybe check for maximum upload size here
and refuse if it is too big? (Note: maximum upload
size may need to vary based on the handler.) */
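Review bot: the Content-Length parse via `sscanf (cl, "%llu", &cv)` accepts more than a plain decimal length. Bytes after the digits are ignored (a header value such as "10abc" parses as 10 and passes), and a digit string too large for unsigned long long is undefined behaviour for sscanf, so the `cv > mul` test cannot be relied on for that input. Parse with strtoull and check the end pointer and ERANGE, or use "%llu%c" with a dummy char and still require a return value of 1, so malformed values take the close-connection branch. The FIXME immediately below the new block still asks whether to check the maximum upload size here; this hunk now does that, so the comment should be removed or reworded.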
diff --git a/src/backend/taler-merchant-httpd.h
b/src/backend/taler-merchant-httpd.h
index 7e1090d..42d86d3 100644
--- a/src/backend/taler-merchant-httpd.h
+++ b/src/backend/taler-merchant-httpd.h
@@ -197,6 +197,12 @@ struct TMH_RequestHandler
*/
size_t data_size;
+ /**
+ * Maximum upload size allowed for this handler.
+ * 0 for DEFAULT_MAX_UPLOAD_SIZE
+ */
+ size_t max_upload;
+
/**
* Handler to be called for this URL/METHOD combination.
*
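Review bot: the doc comment on max_upload refers to DEFAULT_MAX_UPLOAD_SIZE, which this commit defines in taler-merchant-httpd.c rather than in this header, so someone reading the struct cannot see the value and handler files cannot reference it. Move the #define into the header or state the default (16 * 1024 bytes) in the comment. Also, max_upload is size_t while the total_upload counter added further down is uint64_t; using one type for both avoids a mixed-width comparison in url_handler.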
@@ -285,6 +291,11 @@ struct TMH_HandlerContext
*/
void *json_parse_context;
+ /**
+ * Total size of the upload so far.
+ */
+ uint64_t total_upload;
+
/**
* Set to true if this is an #MHD_HTTP_METHOD_POST or #MHD_HTTP_METHOD_PATCH
request.
* (In principle #MHD_HTTP_METHOD_PUT may also belong, but we do not have
PUTs
diff --git a/src/backend/taler-merchant-httpd_private-post-reserves.c
b/src/backend/taler-merchant-httpd_private-post-reserves.c
index 01bba5d..5a691f4 100644
--- a/src/backend/taler-merchant-httpd_private-post-reserves.c
+++ b/src/backend/taler-merchant-httpd_private-post-reserves.c
@@ -25,6 +25,7 @@
#include "platform.h"
#include "taler-merchant-httpd_exchanges.h"
#include "taler-merchant-httpd_private-post-reserves.h"
+#include "taler-merchant-httpd_reserves.h"
#include <taler/taler_json_lib.h>
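Review bot: the added `#include "taler-merchant-httpd_reserves.h"` is unrelated to the upload limit named in the commit message, and nothing else in this file changes. Put it in its own commit, or say in the message why the include is needed here.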
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.