Handle empty or invalid ‘Content-Length’ (#450)

tnt-dev · benoitc · commit 5b51fb82547d · 2017-10-24T11:55:43.000Z
Ignore non-integer ‘Content-Length’ header.
diff --git a/src/hackney_http.erl b/src/hackney_http.erl
@@ -293,8 +293,10 @@ parse_header(Line, St) ->
                  end,
   St1 = case hackney_bstr:to_lower(hackney_bstr:trim(Key)) of
           <<"content-length">> ->
-            CLen = list_to_integer(binary_to_list(hackney_bstr:trim(Value))),
-            St#hparser{clen=CLen};
+            case catch list_to_integer(binary_to_list(Value)) of
+              CLen when is_integer(CLen) -> St#hparser{clen=CLen};
+              _ -> St
+            end;
           <<"transfer-encoding">> ->
             TE = hackney_bstr:to_lower(hackney_bstr:trim(Value)),
             St#hparser{te=TE};
@@ -331,10 +333,12 @@ parse_body(St=#hparser{body_state=waiting, te=TE, clen=Length,
       {stream, fun te_chunked/2, {0, 0}, fun ce_identity/1}});
     _ when Length =:= 0 orelse Method =:= <<"HEAD">> ->
       {done, Buffer};
-    _ ->
+    _ when is_integer(Length) ->
       parse_body(St#hparser{body_state=
       {stream, fun te_identity/2, {0, Length},
-        fun ce_identity/1}})
+        fun ce_identity/1}});
+    _ ->
+      {done, Buffer}
   end;
 parse_body(#hparser{body_state=done, buffer=Buffer}) ->
   {done, Buffer};
diff --git a/src/hackney_response.erl b/src/hackney_response.erl
@@ -114,7 +114,11 @@ wait_headers({headers_complete, Parser}, Client, Status, Headers) ->
   TE = hackney_headers_new:get_value(<<"transfer-encoding">>, Headers, nil),
   CLen = case hackney_headers_new:lookup("content-length", Headers) of
            [] -> nil;
-           [{_, Len} |_] -> list_to_integer(binary_to_list(Len))
+           [{_, Len} |_] ->
+             case catch list_to_integer(binary_to_list(Len)) of
+               V when is_integer(V) -> V;
+                 _ -> nil
+             end
          end,
   Client2 = Client#client{parser=Parser,
                           headers=Headers,
@@ -128,8 +132,9 @@ stream_body(Client=#client{method= <<"HEAD">>, parser=Parser}) ->
   Buffer = hackney_http:get(Parser, buffer),
   Client2 = end_stream_body(Buffer, Client),
   {done, Client2};
-stream_body(Client=#client{parser=Parser, clen=0, te=TE})
-  when TE /= <<"chunked">> ->
+stream_body(Client=#client{parser=Parser, clen=CLen, te=TE})
+  when (CLen =:= 0 orelse not is_integer(CLen)) andalso
+       TE /= <<"chunked">> ->
   Buffer = hackney_http:get(Parser, buffer),
   Client2 = end_stream_body(Buffer, Client),
   {done, Client2};
diff --git a/src/hackney_stream.erl b/src/hackney_stream.erl
@@ -339,8 +339,10 @@ process({header, {Key, Value}=KV, NParser},
   %% store useful headers
   Client1 = case hackney_bstr:to_lower(Key) of
               <<"content-length">> ->
-                CLen = list_to_integer(binary_to_list(Value)),
-                Client#client{clen=CLen};
+                case catch list_to_integer(binary_to_list(Value)) of
+                  CLen when is_integer(CLen) -> Client#client{clen=CLen};
+                  _ -> Client
+                end;
               <<"transfer-encoding">> ->
                 Client#client{te=hackney_bstr:to_lower(Value)};
               <<"connection">> ->
