net/http: ignore malicious or dumb Range requests

R=golang-dev, adg CC=golang-dev https://golang.org/cl/6356050
2024-11-20 11:24:47 -07:00 · 2012-06-30 12:26:06 -07:00 · 2012-06-30 12:26:06 -07:00 · f06b12f0c7
commit f06b12f0c7
parent ccbac5a480
2 changed files with 15 additions and 0 deletions
--- a/src/pkg/net/http/fs.go
+++ b/src/pkg/net/http/fs.go
@ -152,6 +152,13 @@ func serveContent(w ResponseWriter, r *Request, name string, modtime time.Time,
 			Error(w, err.Error(), StatusRequestedRangeNotSatisfiable)
 			return
 		}
+		if sumRangesSize(ranges) >= size {
+			// The total number of bytes in all the ranges
+			// is larger the the size of the file by
+			// itself, so this is probably an attack, or a
+			// dumb client.  Ignore the range request.
+			ranges = nil
+		}
 		switch {
 		case len(ranges) == 1:
 			// RFC 2616, Section 14.16:
@ -446,3 +453,10 @@ func rangesMIMESize(ranges []httpRange, contentType string, contentSize int64) (
 	encSize += int64(w)
 	return
 }
+
+func sumRangesSize(ranges []httpRange) (size int64) {
+	for _, ra := range ranges {
+		size += ra.length
+	}
+	return
+}
--- a/src/pkg/net/http/fs_test.go
+++ b/src/pkg/net/http/fs_test.go
@ -50,6 +50,7 @@ var ServeFileRangeTests = []struct {
 	{r: "bytes=0-0,-2", code: StatusPartialContent, ranges: []wantRange{{0, 1}, {testFileLen - 2, testFileLen}}},
 	{r: "bytes=0-1,5-8", code: StatusPartialContent, ranges: []wantRange{{0, 2}, {5, 9}}},
 	{r: "bytes=0-1,5-", code: StatusPartialContent, ranges: []wantRange{{0, 2}, {5, testFileLen}}},
+	{r: "bytes=0-,1-,2-,3-,4-", code: StatusOK}, // ignore wasteful range request
 }

 func TestServeFile(t *testing.T) {