Skip to content

Commit 55829c7

Browse files
cypherbridgecypherbridge
authored
update usage _nx_web_http_server_response_send
change content length error responses for underflow and other conditions from NX_WEB_HTTP_STATUS_INTERNAL_ERROR to NX_WEB_HTTP_STATUS_BAD_REQUEST. Obfuscate additional information message to eliminate 'Underflow' to defend adversary protocol fuzzing discovery
1 parent 0a63af9 commit 55829c7

File tree

1 file changed

+17
-17
lines changed

1 file changed

+17
-17
lines changed

addons/web/nx_web_http_server.c

Lines changed: 17 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -3968,8 +3968,8 @@ UINT temp_realm_length = 0;
39683968
}
39693969

39703970
/* Send response back to HTTP Client. */
3971-
_nx_web_http_server_response_send(server_ptr, NX_WEB_HTTP_STATUS_INTERNAL_ERROR,
3972-
sizeof(NX_WEB_HTTP_STATUS_INTERNAL_ERROR) - 1,
3971+
_nx_web_http_server_response_send(server_ptr, NX_WEB_HTTP_STATUS_BAD_REQUEST,
3972+
sizeof(NX_WEB_HTTP_STATUS_BAD_REQUEST) - 1,
39733973
"NetX HTTP Receive Timeout",
39743974
sizeof("NetX HTTP Receive Timeout") - 1, NX_NULL, 0);
39753975

@@ -4507,10 +4507,10 @@ UINT temp_realm_length = 0;
45074507
/* Underflow error has occurred.*/
45084508

45094509
/* Send response back to HTTP Client. */
4510-
_nx_web_http_server_response_send(server_ptr, NX_WEB_HTTP_STATUS_INTERNAL_ERROR,
4511-
sizeof(NX_WEB_HTTP_STATUS_INTERNAL_ERROR) - 1,
4512-
"NetX HTTP Length Underflow",
4513-
sizeof("NetX HTTP Length Underflow") - 1, NX_NULL, 0);
4510+
_nx_web_http_server_response_send(server_ptr, NX_WEB_HTTP_STATUS_BAD_REQUEST,
4511+
sizeof(NX_WEB_HTTP_STATUS_BAD_REQUEST) - 1,
4512+
"NetX HTTP Content Length",
4513+
sizeof("NetX HTTP Content Length") - 1, NX_NULL, 0);
45144514

45154515
/* Release the previous data packet. */
45164516
nx_packet_release(data_packet_ptr);
@@ -4561,10 +4561,10 @@ UINT temp_realm_length = 0;
45614561
/* Underflow error has occurred.*/
45624562

45634563
/* Send response back to HTTP Client. */
4564-
_nx_web_http_server_response_send(server_ptr, NX_WEB_HTTP_STATUS_INTERNAL_ERROR,
4565-
sizeof(NX_WEB_HTTP_STATUS_INTERNAL_ERROR) - 1,
4566-
"NetX HTTP Length Underflow",
4567-
sizeof("NetX HTTP Length Underflow") - 1, NX_NULL, 0);
4564+
_nx_web_http_server_response_send(server_ptr, NX_WEB_HTTP_STATUS_BAD_REQUEST,
4565+
sizeof(NX_WEB_HTTP_STATUS_BAD_REQUEST) - 1,
4566+
"NetX HTTP Content Length",
4567+
sizeof("NetX HTTP Content Length") - 1, NX_NULL, 0);
45684568

45694569
/* Release the previous data packet. */
45704570
nx_packet_release(data_packet_ptr);
@@ -4606,8 +4606,8 @@ UINT temp_realm_length = 0;
46064606
}
46074607

46084608
/* Send response back to HTTP Client. */
4609-
_nx_web_http_server_response_send(server_ptr, NX_WEB_HTTP_STATUS_INTERNAL_ERROR,
4610-
sizeof(NX_WEB_HTTP_STATUS_INTERNAL_ERROR) - 1,
4609+
_nx_web_http_server_response_send(server_ptr, NX_WEB_HTTP_STATUS_BAD_REQUEST,
4610+
sizeof(NX_WEB_HTTP_STATUS_BAD_REQUEST) - 1,
46114611
"NetX HTTP Receive Timeout",
46124612
sizeof("NetX HTTP Receive Timeout") - 1, NX_NULL, 0);
46134613

@@ -4651,10 +4651,10 @@ UINT temp_realm_length = 0;
46514651
/* Underflow error has occurred.*/
46524652

46534653
/* Send response back to HTTP Client. */
4654-
_nx_web_http_server_response_send(server_ptr, NX_WEB_HTTP_STATUS_INTERNAL_ERROR,
4655-
sizeof(NX_WEB_HTTP_STATUS_INTERNAL_ERROR) - 1,
4656-
"NetX HTTP Length Underflow",
4657-
sizeof("NetX HTTP Length Underflow") - 1, NX_NULL, 0);
4654+
_nx_web_http_server_response_send(server_ptr, NX_WEB_HTTP_STATUS_BAD_REQUEST,
4655+
sizeof(NX_WEB_HTTP_STATUS_BAD_REQUEST) - 1,
4656+
"NetX HTTP Content Length",
4657+
sizeof("NetX HTTP Content Length") - 1, NX_NULL, 0);
46584658

46594659
/* Release the previous data packet. */
46604660
nx_packet_release(data_packet_ptr);
@@ -11396,4 +11396,4 @@ UINT _nx_web_http_server_authentication_check_set(NX_WEB_HTTP_SERVER *http_serve
1139611396

1139711397
/* Return success. */
1139811398
return(NX_SUCCESS);
11399-
}
11399+
}

0 commit comments

Comments
 (0)