diff options
author | Pauli <pauli@openssl.org> | 2021-05-17 09:26:48 +1000 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2021-05-18 13:24:41 +1000 |
commit | cef71ebb5c757bafd15926dd6f6f2a2779b9d71a (patch) | |
tree | bd8707fde7ace7a5a4ed59e130fa5b9f6b243485 /apps | |
parent | c9cddf05424c3292956123e7fa4c16cb80867b3f (diff) |
apps: clean up the http server code
Clean up some of the null checking in the http server code.
This also "fixes" the false positive from coverity CID 1484883.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/15300)
Diffstat (limited to 'apps')
-rw-r--r-- | apps/lib/http_server.c | 43 |
1 files changed, 20 insertions, 23 deletions
diff --git a/apps/lib/http_server.c b/apps/lib/http_server.c index ae33632598..0fbf991388 100644 --- a/apps/lib/http_server.c +++ b/apps/lib/http_server.c @@ -433,36 +433,33 @@ int http_server_get_asn1_req(const ASN1_ITEM *it, ASN1_VALUE **preq, key = inbuf; value = strchr(key, ':'); - if (value != NULL) { - *(value++) = '\0'; - while (*value == ' ') - value++; - line_end = strchr(value, '\r'); - if (line_end == NULL) - line_end = strchr(value, '\n'); - if (line_end != NULL) - *line_end = '\0'; - } else { + if (value == NULL) { log_message(prog, LOG_WARNING, "Error parsing HTTP header: missing ':'"); (void)http_server_send_status(cbio, 400, "Bad Request"); goto out; } - if (value != NULL && line_end != NULL) { - /* https://tools.ietf.org/html/rfc7230#section-6.3 Persistence */ - if (found_keep_alive != NULL && strcasecmp(key, "Connection") == 0) { - if (strcasecmp(value, "keep-alive") == 0) - *found_keep_alive = 1; - if (strcasecmp(value, "close") == 0) - *found_keep_alive = 0; + *(value++) = '\0'; + while (*value == ' ') + value++; + line_end = strchr(value, '\r'); + if (line_end == NULL) { + line_end = strchr(value, '\n'); + if (line_end == NULL) { + log_message(prog, LOG_WARNING, + "Error parsing HTTP header: missing end of line"); + (void)http_server_send_status(cbio, 400, "Bad Request"); + goto out; } - } else { - log_message(prog, LOG_WARNING, - "Error parsing HTTP header: missing end of line"); - (void)http_server_send_status(cbio, 400, "Bad Request"); - goto out; } - + *line_end = '\0'; + /* https://tools.ietf.org/html/rfc7230#section-6.3 Persistence */ + if (found_keep_alive != NULL && strcasecmp(key, "Connection") == 0) { + if (strcasecmp(value, "keep-alive") == 0) + *found_keep_alive = 1; + if (strcasecmp(value, "close") == 0) + *found_keep_alive = 0; + } } # ifdef HTTP_DAEMON |