Skip to content
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.

Commit 439923e

Browse files
authoredJul 30, 2020
Update Parsing.cpp
When uploading TLS cert files the end of file "-----END CERTIFICATE-----" (or any kind of file with the sequence "CRLF--") is taken as posible end boundary. Then it is compared to the start boundary string. As it is expected, comparison turns to be false, and the whole end boundary string is put to _currentUpload->buf through _uploadWriteByte(). Here you have the problem: if you read boundary.length() bytes from HTTP request and you have some of the actual end boundary bytes in it, when you put all those bytes into _currentUpload->buf you are making a mistake. You will miss the actual end boundary string because some of those bytes were put in _currentUpload->buf.
1 parent 4d98cea commit 439923e

File tree

1 file changed

+17
-1
lines changed

1 file changed

+17
-1
lines changed
 

‎libraries/WebServer/src/Parsing.cpp

Lines changed: 17 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -458,7 +458,23 @@ bool WebServer::_parseForm(WiFiClient& client, String boundary, uint32_t len){
458458
}
459459

460460
uint8_t endBuf[boundary.length()];
461-
client.readBytes(endBuf, boundary.length());
461+
uint32_t i = 0;
462+
while(i < boundary.length()){
463+
argByte = _uploadReadByte(client);
464+
if(argByte < 0) return _parseFormUploadAborted();
465+
if ((char)argByte == 0x0D){
466+
_uploadWriteByte(0x0D);
467+
_uploadWriteByte(0x0A);
468+
_uploadWriteByte((uint8_t)('-'));
469+
_uploadWriteByte((uint8_t)('-'));
470+
uint32_t j = 0;
471+
while(j < i){
472+
_uploadWriteByte(endBuf[j++]);
473+
}
474+
goto readfile;
475+
}
476+
endBuf[i++] = (uint8_t)argByte;
477+
}
462478

463479
if (strstr((const char*)endBuf, boundary.c_str()) != NULL){
464480
if(_currentHandler && _currentHandler->canUpload(_currentUri))

0 commit comments

Comments
 (0)
Please sign in to comment.