Fix "Issue 42689 in oss-fuzz: cpp-httplib:server_fuzzer: Timeout in server_fuzzer"

yhirose · yhirose · commit 63f72caf30d3 · 2021-12-24T20:58:09.000-05:00
diff --git a/httplib.h b/httplib.h
@@ -60,6 +60,10 @@
 #define CPPHTTPLIB_REQUEST_URI_MAX_LENGTH 8192
 #endif
 
+#ifndef CPPHTTPLIB_HEADER_MAX_LENGTH
+#define CPPHTTPLIB_HEADER_MAX_LENGTH 8192
+#endif
+
 #ifndef CPPHTTPLIB_REDIRECT_MAX_COUNT
 #define CPPHTTPLIB_REDIRECT_MAX_COUNT 20
 #endif
@@ -3178,6 +3182,8 @@ inline bool read_headers(Stream &strm, Headers &headers) {
       continue; // Skip invalid line.
     }
 
+    if (line_reader.size() > CPPHTTPLIB_HEADER_MAX_LENGTH) { return false; }
+
     // Exclude CRLF
     auto end = line_reader.ptr() + line_reader.size() - 2;
 
@@ -3703,6 +3709,7 @@ class MultipartFormDataParser {
       }
       case 2: { // Headers
         auto pos = buf_find(crlf_);
+        if (pos > CPPHTTPLIB_HEADER_MAX_LENGTH) { return false; }
         while (pos < buf_size()) {
           // Empty line
           if (pos == 0) {
@@ -3866,7 +3873,7 @@ class MultipartFormDataParser {
 
   void buf_append(const char *data, size_t n) {
     auto remaining_size = buf_size();
-    if (remaining_size > 0) {
+    if (remaining_size > 0 && buf_spos_ > 0) {
       for (size_t i = 0; i < remaining_size; i++) {
         buf_[i] = buf_[buf_spos_ + i];
       }
