From 48a65d6bcba592703117fb448f4da6271e4ca274 Mon Sep 17 00:00:00 2001
From: KLuka <luka.krajger@gmail.com>
Date: Wed, 26 Aug 2015 23:20:28 +0200
Subject: [PATCH] Fixed handling of large HTTP requests

* Protection against large HTTP requests was fixed by adding some null
  pointer checks. Too large HTTP requests are now correctly handled by
  returning error code and closing connection.
---
 libhttp/httpconnection.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/libhttp/httpconnection.c b/libhttp/httpconnection.c
index ea47be0..31e41d8 100644
--- a/libhttp/httpconnection.c
+++ b/libhttp/httpconnection.c
@@ -609,7 +609,7 @@ void httpTransfer(struct HttpConnection *http, char *msg, int len) {
         // Found the end of the headers.
 
         // Check that we don't send any data with HEAD requests
-        int isHead          = !strcmp(http->method, "HEAD");
+        int isHead          = http->method && !strcmp(http->method, "HEAD");
         check(l == 2 || !isHead);
 
         #ifdef HAVE_ZLIB
@@ -1421,6 +1421,7 @@ int httpHandleConnection(struct ServerConnection *connection, void *http_,
       if (bytes > 0) {
         http->headerLength          += bytes;
         if (http->headerLength > MAX_HEADER_LENGTH) {
+          debug("[http] Connection closed due to exceeded header size!");
           httpSendReply(http, 413, "Header too big", NO_MSG);
           bytes                      = 0;
           eof                        = 1;
@@ -1782,7 +1783,7 @@ void httpSendReply(struct HttpConnection *http, int code,
                                 code != 200 ? "Connection: close\r\n" : "",
                                 (long)strlen(body));
   }
-  int isHead     = !strcmp(http->method, "HEAD");
+  int isHead     = http->method && !strcmp(http->method, "HEAD");
   if (!isHead) {
     response     = stringPrintf(response, "%s", body);
   }