The existing logic for checking overlong request headers did not take
into account that when the request body content length is a multiple
of 4096, the request handling state might transition directly from
CLIENT_STATE_HEADER or CLIENT_STATE_DATA to CLIENT_STATE_DONE, in
which case we must not emit a stray HTTP 413 error.
Fixes: https://github.com/openwrt/luci/issues/2051
Signed-off-by: Liangbin Lian <jjm2473@gmail.com>
[Change commit subject, add commit message, swap order of conditions]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
if (!read_cbs[cl->state](cl, str, len)) {
if (len == us->r.buffer_len &&
- cl->state != CLIENT_STATE_DATA)
+ cl->state != CLIENT_STATE_DATA &&
+ cl->state != CLIENT_STATE_DONE)
uh_header_error(cl, 413, "Request Entity Too Large");
break;
}