Oh, you're darn right, thanks! Already used/planned something like that, somewhere else in my code, while in that part it is missing. As well: the example httpd.c in contrib is similarly vulnerable, should be annotated, just not to forget...
Lou

>> So, in the case of the HTTP capture you provided, there is a request
>> header telling you "Content-Length: 36". This tells you that after
>> the end of the headers (i.e. after the blank line), you should expect
>> another 36 bytes of data. You need to wait for those bytes to come in
>> before considering the request complete, even though they may not be
>> present in the same pbuf.
>
> Moreover, the number 36 is not definitive. The browser might close
> connection before sending all the 36 bytes. Or it could send more, if
> it's a hacker pretending to be a browser and looking for
> vulnerabilities in the code. The application should be prepared for
> that.

_______________________________________________
lwip-users mailing list
[email protected]
http://lists.nongnu.org/mailman/listinfo/lwip-users
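The body handling discussed in this thread, as an added example that is not part of the original messages and not lwIP or contrib code: a receiver that bounds the declared Content-Length, accumulates the body across segments, and treats both an early close and excess data as errors. The names `body_rx`, `body_begin`, `body_feed`, `body_on_close` and the `BODY_MAX` limit are hypothetical, and plain byte buffers stand in for pbuf payloads.

```c
#include <stddef.h>
#include <string.h>

#define BODY_MAX 64 /* assumed application limit on body size */
enum body_state { BODY_NEED_MORE, BODY_COMPLETE, BODY_REJECTED };
struct body_rx { size_t expected, got; unsigned char buf[BODY_MAX]; };

/* Validate the Content-Length value: digits only, non-empty, <= BODY_MAX. */
static int body_begin(struct body_rx *rx, const char *value)
{
    size_t n = 0;
    if (*value == '\0') return -1;
    for (; *value != '\0'; value++) {
        if (*value < '0' || *value > '9') return -1;
        n = n * 10 + (size_t)(*value - '0');
        if (n > BODY_MAX) return -1; /* bound checked per digit, so n cannot overflow */
    }
    rx->expected = n;
    rx->got = 0;
    return 0;
}

/* Feed one received segment (stand-in for one pbuf payload). */
static enum body_state body_feed(struct body_rx *rx, const void *data, size_t len)
{
    if (len > rx->expected - rx->got) return BODY_REJECTED; /* more than declared */
    memcpy(rx->buf + rx->got, data, len);
    rx->got += len;
    return rx->got == rx->expected ? BODY_COMPLETE : BODY_NEED_MORE;
}

/* Peer closed the connection: the body is usable only if fully received. */
static int body_on_close(const struct body_rx *rx)
{
    return rx->got == rx->expected ? 0 : -1;
}

int main(void)
{
    struct body_rx rx;
    /* constructed sample: a 36-byte body arriving as 20 + 16 bytes */
    const char *a = "name=lwip&value=0123", *b = "456789abcdefghij";
    if (body_begin(&rx, "36") != 0) return 1;
    if (body_feed(&rx, a, strlen(a)) != BODY_NEED_MORE) return 1;
    if (body_on_close(&rx) == 0) return 1; /* early close must not count as complete */
    return body_feed(&rx, b, strlen(b)) == BODY_COMPLETE ? 0 : 1;
}
```

Rejecting excess bytes is a conservative choice for a server that does not support pipelined requests on one connection.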
