moonlight-stream/Internet-Hosting-Tool
1
0
Fork 0
mirror of https://github.com/moonlight-stream/Internet-Hosting-Tool.git synced 2026-04-12 10:46:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix handling of malformed SSDP responses

Browse Source
This commit is contained in:
Cameron Gutman
2018-11-07 17:55:11 -08:00
parent 176a1762d6
commit 4ee5b9d28a
1 changed files with 17 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
miss/tracer.cpp
View File

@@ -94,11 +94,22 @@ struct UPNPDev* getUPnPDevicesByAddress(IN_ADDR address)
char* protocol = strtok(responseBuffer, " ");
char* statusCodeStr = strtok(nullptr, " ");
char* statusMessage = strtok(nullptr, "\r");
if (_stricmp(protocol, "HTTP/1.0") && _stricmp(protocol, "HTTP/1.1")) {
// Check for a valid response header
if (protocol == nullptr) {
printf("Missing protocol in SSDP header\n");
continue;
}
else if (statusCodeStr == nullptr) {
printf("Missing status code in SSDP header\n");
continue;
}
// FIXME: Should we require statusMessage too?
else if (_stricmp(protocol, "HTTP/1.0") && _stricmp(protocol, "HTTP/1.1")) {
printf("Unexpected protocol: %s\n", protocol);
continue;
}
if (atoi(statusCodeStr) != 200) {
else if (atoi(statusCodeStr) != 200) {
printf("Unexpected status: %s %s\n", statusCodeStr, statusMessage);
continue;
}
@@ -109,6 +120,10 @@ struct UPNPDev* getUPnPDevicesByAddress(IN_ADDR address)
char* st = nullptr;
while (char* headerName = strtok(nullptr, "\r\n:")) {
char* headerValue = strtok(nullptr, "\r");
if (headerValue == nullptr) {
printf("Unexpected end of SSDP header\n");
break;
}
// Skip leading spaces
while (*headerValue == ' ') headerValue++;