1--- mongoose.c.orig 2019-07-31 14:06:36.043726677 +0200 2+++ mongoose.c 2019-07-31 14:10:06.767727652 +0200 3@@ -50,6 +50,14 @@ 4 #define PATH_MAX FILENAME_MAX 5 #endif // __SYMBIAN32__ 6 7+#if __gnu_hurd__ == 1 8+/** 9+ * There is no limit on the length on a path under GNU Hurd, so we set 10+ * it to an arbitrary constant. 11+ **/ 12+#define PATH_MAX 4096 13+#endif 14+ 15 #ifndef _WIN32_WCE // Some ANSI #includes are not available on Windows CE 16 #include <sys/types.h> 17 #include <sys/stat.h> 18@@ -108,8 +116,9 @@ 19 #define strtoll(x, y, z) _atoi64(x) 20 #else 21 #define __func__ __FUNCTION__ 22-#define strtoull(x, y, z) _strtoui64(x, y, z) 23-#define strtoll(x, y, z) _strtoi64(x, y, z) 24+#include <stdlib.h> 25+//#define strtoull(x, y, z) _strtoui64(x, y, z) 26+//#define strtoll(x, y, z) _strtoi64(x, y, z) 27 #endif // _MSC_VER 28 29 #define ERRNO GetLastError() 30@@ -2997,19 +3006,19 @@ 31 } 32 } 33 34-static int is_valid_http_method(const char *method) { 35- return !strcmp(method, "GET") || !strcmp(method, "POST") || 36+static int is_valid_http_method(const char *method, int *isValidHttpMethod) { 37+ *isValidHttpMethod = !strcmp(method, "GET") || !strcmp(method, "POST") || 38 !strcmp(method, "HEAD") || !strcmp(method, "CONNECT") || 39 !strcmp(method, "PUT") || !strcmp(method, "DELETE") || 40 !strcmp(method, "OPTIONS") || !strcmp(method, "PROPFIND") 41- || !strcmp(method, "MKCOL") 42- ; 43+ || !strcmp(method, "MKCOL"); 44+ return *isValidHttpMethod; 45 } 46 47 // Parse HTTP request, fill in mg_request_info structure. 48 // This function modifies the buffer by NUL-terminating 49 // HTTP request components, header names and header values. 50-static int parse_http_message(char *buf, int len, struct mg_request_info *ri) { 51+static int parse_http_message(char *buf, int len, struct mg_request_info *ri, int *isValidHttpMethod) { 52 int is_request, request_length = get_request_len(buf, len); 53 if (request_length > 0) { 54 // Reset attributes. DO NOT TOUCH is_ssl, remote_ip, remote_port 55@@ -3025,7 +3034,7 @@ 56 ri->request_method = skip(&buf, " "); 57 ri->uri = skip(&buf, " "); 58 ri->http_version = skip(&buf, "\r\n"); 59- if (((is_request = is_valid_http_method(ri->request_method)) && 60+ if (((is_request = is_valid_http_method(ri->request_method, isValidHttpMethod)) && 61 memcmp(ri->http_version, "HTTP/", 5) != 0) || 62 (!is_request && memcmp(ri->request_method, "HTTP/", 5)) != 0) { 63 request_length = -1; 64@@ -4930,7 +4939,7 @@ 65 return uri[0] == '/' || (uri[0] == '*' && uri[1] == '\0'); 66 } 67 68-static int getreq(struct mg_connection *conn, char *ebuf, size_t ebuf_len) { 69+static int getreq(struct mg_connection *conn, char *ebuf, size_t ebuf_len, int *isValidHttpMethod) { 70 const char *cl; 71 72 ebuf[0] = '\0'; 73@@ -4944,7 +4953,7 @@ 74 } else if (conn->request_len <= 0) { 75 snprintf(ebuf, ebuf_len, "%s", "Client closed connection"); 76 } else if (parse_http_message(conn->buf, conn->buf_size, 77- &conn->request_info) <= 0) { 78+ &conn->request_info, isValidHttpMethod) <= 0) { 79 snprintf(ebuf, ebuf_len, "Bad request: [%.*s]", conn->data_len, conn->buf); 80 } else { 81 // Request is valid 82@@ -4973,7 +4982,8 @@ 83 } else if (mg_vprintf(conn, fmt, ap) <= 0) { 84 snprintf(ebuf, ebuf_len, "%s", "Error sending request"); 85 } else { 86- getreq(conn, ebuf, ebuf_len); 87+ int isValidHttpMethod = 1; /* unused in this case */ 88+ getreq(conn, ebuf, ebuf_len, &isValidHttpMethod); 89 } 90 if (ebuf[0] != '\0' && conn != NULL) { 91 mg_close_connection(conn); 92@@ -4995,8 +5005,13 @@ 93 // to crule42. 94 conn->data_len = 0; 95 do { 96- if (!getreq(conn, ebuf, sizeof(ebuf))) { 97+ int isValidHttpMethod = 1; 98+ if (!getreq(conn, ebuf, sizeof(ebuf), &isValidHttpMethod)) { 99+ if (isValidHttpMethod) { 100 send_http_error(conn, 500, "Server Error", "%s", ebuf); 101+ } else { 102+ send_http_error(conn, 400, "Bad Request", "%s", ebuf); 103+ } 104 conn->must_close = 1; 105 } else if (!is_valid_uri(conn->request_info.uri)) { 106 snprintf(ebuf, sizeof(ebuf), "Invalid URI: [%s]", ri->uri); 107