Date: Thursday, December 27, 2018 @ 12:05:49 Author: archange Revision: 418492
archrelease: copy trunk to community-x86_64 Added: http-parser/repos/community-x86_64/PKGBUILD (from rev 418491, http-parser/trunk/PKGBUILD) http-parser/repos/community-x86_64/http-max-header-size.patch (from rev 418491, http-parser/trunk/http-max-header-size.patch) Deleted: http-parser/repos/community-x86_64/PKGBUILD ----------------------------+ PKGBUILD | 73 ++++++++++++++++++------------------ http-max-header-size.patch | 86 +++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 123 insertions(+), 36 deletions(-) Deleted: PKGBUILD =================================================================== --- PKGBUILD 2018-12-27 12:05:36 UTC (rev 418491) +++ PKGBUILD 2018-12-27 12:05:49 UTC (rev 418492) @@ -1,36 +0,0 @@ -# $Id$ -# Maintainer: Felix Yan <felixonm...@archlinux.org> -# Contributor: Brian Bidulock <bidul...@openss7.org> - -pkgname=http-parser -pkgver=2.8.1 -pkgrel=1 -pkgdesc="Parser for HTTP Request/Response written in C" -arch=('x86_64') -url="https://github.com/nodejs/http-parser" -license=('MIT') -depends=('glibc') -source=("$pkgname-$pkgver.tar.gz::https://github.com/nodejs/http-parser/archive/v$pkgver.tar.gz") -sha512sums=('6f52f543d979f39688ccefae236527a8183929b3d30f5370570107b01cf89d0338b448249a81102b78d31615d2e8f6e7c708f8961f55ece08e7d3a40e5ad0883') - -prepare() { - sed -i 's|-Werror||' $pkgname-$pkgver/Makefile -} - -build() { - cd $pkgname-$pkgver - make library -} - -check() { - cd $pkgname-$pkgver - make test -} - -package() { - cd $pkgname-$pkgver - make PREFIX="$pkgdir/usr" install - - install -Dm644 LICENSE-MIT \ - "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE-MIT" -} Copied: http-parser/repos/community-x86_64/PKGBUILD (from rev 418491, http-parser/trunk/PKGBUILD) =================================================================== --- PKGBUILD (rev 0) +++ PKGBUILD 2018-12-27 12:05:49 UTC (rev 418492) @@ -0,0 +1,37 @@ +# Maintainer: Felix Yan <felixonm...@archlinux.org> +# Contributor: Brian Bidulock <bidul...@openss7.org> + +pkgname=http-parser +pkgver=2.8.1 +pkgrel=2 +pkgdesc="Parser for HTTP Request/Response written in C" +arch=('x86_64') +url="https://github.com/nodejs/http-parser" +license=('MIT') +depends=('glibc') +source=($pkgname-$pkgver.tar.gz::"${url}/archive/v$pkgver.tar.gz" + http-max-header-size.patch) # "${url}/commit/0ae8d93f7335c0279f37b5ca5c26ea881ac17586.patch" + backporting +sha512sums=('6f52f543d979f39688ccefae236527a8183929b3d30f5370570107b01cf89d0338b448249a81102b78d31615d2e8f6e7c708f8961f55ece08e7d3a40e5ad0883' + '24de54a77860e2d1642bd0e74562a411374967fe6a08913a885b526185089b0a8bb78f25462fec2accfbeb63d249afb2385de3c82f8d9d86bc9d430ede0e7824') + +prepare() { + cd $pkgname-$pkgver + sed -i 's|-Werror||' Makefile + patch -p1 -i ../http-max-header-size.patch +} + +build() { + cd $pkgname-$pkgver + make library +} + +check() { + cd $pkgname-$pkgver + make test +} + +package() { + cd $pkgname-$pkgver + make PREFIX="$pkgdir/usr" install + install -Dm644 LICENSE-MIT -t "$pkgdir"/usr/share/licenses/$pkgname/ +} Copied: http-parser/repos/community-x86_64/http-max-header-size.patch (from rev 418491, http-parser/trunk/http-max-header-size.patch) =================================================================== --- http-max-header-size.patch (rev 0) +++ http-max-header-size.patch 2018-12-27 12:05:49 UTC (rev 418492) @@ -0,0 +1,86 @@ +From 0ae8d93f7335c0279f37b5ca5c26ea881ac17586 Mon Sep 17 00:00:00 2001 +From: cjihrig <cjih...@gmail.com> +Date: Mon, 3 Dec 2018 09:35:31 -0500 +Subject: [PATCH] support overriding HTTP_MAX_HEADER_SIZE at runtime + +This commit adds http_parser_set_max_header_size(), which can +override the compile time HTTP_MAX_HEADER_SIZE value. + +Fixes: https://github.com/nodejs/node/issues/24692 +Refs: https://github.com/nodejs/node/pull/24811 +PR-URL: https://github.com/nodejs/http-parser/pull/453 +Reviewed-By: Ben Noordhuis <i...@bnoordhuis.nl> +--- + http_parser.c | 17 ++++++++++++----- + http_parser.h | 3 +++ + 2 files changed, 15 insertions(+), 5 deletions(-) + +diff --git a/http_parser.c b/http_parser.c +index ba1374e..bb17bd2 100644 +--- a/http_parser.c ++++ b/http_parser.c +@@ -25,6 +25,8 @@ + #include <string.h> + #include <limits.h> + ++static uint32_t max_header_size = HTTP_MAX_HEADER_SIZE; ++ + #ifndef ULLONG_MAX + # define ULLONG_MAX ((uint64_t) -1) /* 2^64-1 */ + #endif +@@ -137,20 +139,20 @@ do { \ + } while (0) + + /* Don't allow the total size of the HTTP headers (including the status +- * line) to exceed HTTP_MAX_HEADER_SIZE. This check is here to protect ++ * line) to exceed max_header_size. This check is here to protect + * embedders against denial-of-service attacks where the attacker feeds + * us a never-ending header that the embedder keeps buffering. + * + * This check is arguably the responsibility of embedders but we're doing + * it on the embedder's behalf because most won't bother and this way we +- * make the web a little safer. HTTP_MAX_HEADER_SIZE is still far bigger ++ * make the web a little safer. max_header_size is still far bigger + * than any reasonable request or response so this should never affect + * day-to-day operation. + */ + #define COUNT_HEADER_SIZE(V) \ + do { \ + parser->nread += (V); \ +- if (UNLIKELY(parser->nread > (HTTP_MAX_HEADER_SIZE))) { \ ++ if (UNLIKELY(parser->nread > max_header_size)) { \ + SET_ERRNO(HPE_HEADER_OVERFLOW); \ + goto error; \ + } \ +@@ -1471,7 +1473,7 @@ size_t http_parser_execute (http_parser *parser, + const char* p_lf; + size_t limit = data + len - p; + +- limit = MIN(limit, HTTP_MAX_HEADER_SIZE); ++ limit = MIN(limit, max_header_size); + + p_cr = (const char*) memchr(p, CR, limit); + p_lf = (const char*) memchr(p, LF, limit); +@@ -2438,3 +2440,8 @@ http_parser_version(void) { + HTTP_PARSER_VERSION_MINOR * 0x00100 | + HTTP_PARSER_VERSION_PATCH * 0x00001; + } ++ ++void ++http_parser_set_max_header_size(uint32_t size) { ++ max_header_size = size; ++} +diff --git a/http_parser.h b/http_parser.h +index e894d7c..52aead3 100644 +--- a/http_parser.h ++++ b/http_parser.h +@@ -427,6 +427,9 @@ void http_parser_pause(http_parser *parser, int paused); + /* Checks if this is the final chunk of the body. */ + int http_body_is_final(const http_parser *parser); + ++/* Change the maximum header size provided at compile time. */ ++void http_parser_set_max_header_size(uint32_t size); ++ + #ifdef __cplusplus + } + #endif