protocol: fix host origin checking

author Shuanglei Tao <tsl0922@gmail.com>

Tue, 24 Oct 2017 12:24:51 +0000 (20:24 +0800)

committer Shuanglei Tao <tsl0922@gmail.com>

Tue, 24 Oct 2017 12:31:39 +0000 (20:31 +0800)
author Shuanglei Tao <tsl0922@gmail.com>
Tue, 24 Oct 2017 12:24:51 +0000 (20:24 +0800)
committer Shuanglei Tao <tsl0922@gmail.com>
Tue, 24 Oct 2017 12:31:39 +0000 (20:31 +0800)
diff --git a/src/protocol.c b/src/protocol.c

index 237d1d287b5d32f910d10eb0a8415a52f830ab6e..9d3ba1f6533fbe90b4e3917b08167c8679bf22cb 100644 (file)
--- a/src/protocol.c
+++ b/src/protocol.c
@@ -60,21 +60,28 @@ check_host_origin(struct lws *wsi) {
      char buf[origin_length + 1];
      memset(buf, 0, sizeof(buf));
      int len = lws_hdr_copy(wsi, buf, sizeof(buf), WSI_TOKEN_ORIGIN);
-    if (len > 0) {
-        const char *prot, *address, *path;
-        int port;
-        if (lws_parse_uri(buf, &prot, &address, &port, &path))
-            return false;
+    if (len <= 0) {
+        return false;
+    }
+
+    const char *prot, *address, *path;
+    int port;
+    if (lws_parse_uri(buf, &prot, &address, &port, &path))
+        return false;
+    if (port == 80 || port == 443) {
+        sprintf(buf, "%s", address);
+    } else {
          sprintf(buf, "%s:%d", address, port);
-        int host_length = lws_hdr_total_length(wsi, WSI_TOKEN_HOST);
-        if (host_length != strlen(buf))
-            return false;
-        char host_buf[host_length + 1];
-        memset(host_buf, 0, sizeof(host_buf));
-        len = lws_hdr_copy(wsi, host_buf, sizeof(host_buf), WSI_TOKEN_HOST);
-        return len > 0 && strcasecmp(buf, host_buf) == 0;
      }
-    return false;
+
+    int host_length = lws_hdr_total_length(wsi, WSI_TOKEN_HOST);
+    if (host_length != strlen(buf))
+        return false;
+    char host_buf[host_length + 1];
+    memset(host_buf, 0, sizeof(host_buf));
+    len = lws_hdr_copy(wsi, host_buf, sizeof(host_buf), WSI_TOKEN_HOST);
+
+    return len > 0 && strcasecmp(buf, host_buf) == 0;
  }
  
  void
diff --git a/src/server.c b/src/server.c

index d2dccfddf89103b6f7428802b135c600725da233..7c711102e3ac0c0df5b5c0c76417d3a4d432c9cb 100644 (file)
--- a/src/server.c
+++ b/src/server.c
@@ -270,7 +270,7 @@ main(int argc, char **argv) {
                  }
                  break;
              case 'i':
-                strncpy(iface, optarg, sizeof(iface));
+                strncpy(iface, optarg, sizeof(iface) - 1);
                  iface[sizeof(iface) - 1] = '\0';
                  break;
              case 'c':
author	Shuanglei Tao <tsl0922@gmail.com>
	Tue, 24 Oct 2017 12:24:51 +0000 (20:24 +0800)
committer	Shuanglei Tao <tsl0922@gmail.com>
	Tue, 24 Oct 2017 12:31:39 +0000 (20:31 +0800)
src/protocol.c		patch \| blob \| history
src/server.c		patch \| blob \| history