spa: reject junk after finalization

author Andy Green <andy@warmcat.com>

Thu, 23 Mar 2017 11:30:12 +0000 (19:30 +0800)

committer Andy Green <andy@warmcat.com>

Thu, 23 Mar 2017 11:30:29 +0000 (19:30 +0800)
author Andy Green <andy@warmcat.com>
Thu, 23 Mar 2017 11:30:12 +0000 (19:30 +0800)
committer Andy Green <andy@warmcat.com>
Thu, 23 Mar 2017 11:30:29 +0000 (19:30 +0800)
diff --git a/lib/server.c b/lib/server.c

index 606402e..0eaf964 100644 (file)
--- a/lib/server.c
+++ b/lib/server.c
@@ -2952,6 +2952,8 @@ struct lws_spa {
         char *storage;
         char *end;
         int max_storage;
+
+       char finalized;
  };
  
  static int
@@ -3067,6 +3069,10 @@ lws_spa_process(struct lws_spa *ludspa, const char *in, int len)
                 lwsl_err("%s: NULL spa\n", __func__);
                 return -1;
         }
+       /* we reject any junk after the last part arrived and we finalized */
+       if (ludspa->finalized)
+               return 0;
+
         return lws_urldecode_s_process(ludspa->s, in, len);
  }
  
@@ -3096,6 +3102,8 @@ lws_spa_finalize(struct lws_spa *spa)
                 spa->s = NULL;
         }
  
+       spa->finalized = 1;
+
         return 0;
  }
author	Andy Green <andy@warmcat.com>
	Thu, 23 Mar 2017 11:30:12 +0000 (19:30 +0800)
committer	Andy Green <andy@warmcat.com>
	Thu, 23 Mar 2017 11:30:29 +0000 (19:30 +0800)