OpenSim
/
OpenSimMirror
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Added a Catch(InvalidOperationException) to BaseHttpServer.HandleRequest(). Which is thrown due to errors in the XML deserializing. Without this catch is it easy to bring down any of the opensim servers on purpose by just sending corrupt xml to them.

0.6.1-post-fixes
MW 2008-12-01 11:23:27 +00:00
parent 5d290cda4a
commit 67c260fdcc
1 changed files with 24 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
OpenSim/Framework/Servers/BaseHttpServer.cs
View File

@ -266,7 +266,7 @@ namespace OpenSim.Framework.Servers
public virtual void HandleRequest(OSHttpRequest request, OSHttpResponse response) public virtual void HandleRequest(OSHttpRequest request, OSHttpResponse response)
{ {
try try
{ {
Culture.SetCurrentCulture(); Culture.SetCurrentCulture();
// This is the REST agent interface. We require an agent to properly identify // This is the REST agent interface. We require an agent to properly identify
@ -287,7 +287,7 @@ namespace OpenSim.Framework.Servers
} }
IRequestHandler requestHandler; IRequestHandler requestHandler;
response.KeepAlive = true; response.KeepAlive = true;
response.SendChunked = false; response.SendChunked = false;
string path = request.RawUrl; string path = request.RawUrl;
@ -316,8 +316,8 @@ namespace OpenSim.Framework.Servers
StreamReader reader = new StreamReader(requestStream, encoding); StreamReader reader = new StreamReader(requestStream, encoding);
string requestBody = reader.ReadToEnd(); string requestBody = reader.ReadToEnd();
reader.Close(); reader.Close();
requestStream.Close(); requestStream.Close();
@ -340,21 +340,21 @@ namespace OpenSim.Framework.Servers
headervals[headername] = request.Headers[headername]; headervals[headername] = request.Headers[headername];
} }
// if (headervals.Contains("Host")) // if (headervals.Contains("Host"))
// { // {
// host = (string)headervals["Host"]; // host = (string)headervals["Host"];
// } // }
keysvals.Add("requestbody",requestBody); keysvals.Add("requestbody", requestBody);
if (keysvals.Contains("method")) if (keysvals.Contains("method"))
{ {
//m_log.Warn("[HTTP]: Contains Method"); //m_log.Warn("[HTTP]: Contains Method");
//string method = (string)keysvals["method"]; //string method = (string)keysvals["method"];
//m_log.Warn("[HTTP]: " + requestBody); //m_log.Warn("[HTTP]: " + requestBody);
} }
DoHTTPGruntWork(HTTPRequestHandler.Handle(path,keysvals), response); DoHTTPGruntWork(HTTPRequestHandler.Handle(path, keysvals), response);
return; return;
} }
else else
{ {
@ -427,10 +427,10 @@ namespace OpenSim.Framework.Servers
default: default:
//m_log.Info("[Debug BASE HTTP SERVER]: in default handler"); //m_log.Info("[Debug BASE HTTP SERVER]: in default handler");
// Point of note.. the DoWeHaveA methods check for an EXACT path // Point of note.. the DoWeHaveA methods check for an EXACT path
// if (request.RawUrl.Contains("/CAPS/EQG")) // if (request.RawUrl.Contains("/CAPS/EQG"))
// { // {
// int i = 1; // int i = 1;
// } // }
//m_log.Info("[Debug BASE HTTP SERVER]: Checking for LLSD Handler"); //m_log.Info("[Debug BASE HTTP SERVER]: Checking for LLSD Handler");
if (DoWeHaveALLSDHandler(request.RawUrl)) if (DoWeHaveALLSDHandler(request.RawUrl))
{ {
@ -449,7 +449,7 @@ namespace OpenSim.Framework.Servers
//m_log.Info("[Debug BASE HTTP SERVER]: Generic XMLRPC"); //m_log.Info("[Debug BASE HTTP SERVER]: Generic XMLRPC");
// generic login request. // generic login request.
HandleXmlRpcRequests(request, response); HandleXmlRpcRequests(request, response);
return; return;
} }
} }
@ -468,6 +468,11 @@ namespace OpenSim.Framework.Servers
{ {
m_log.ErrorFormat("[BASE HTTP SERVER]: HandleRequest() threw {0}", e); m_log.ErrorFormat("[BASE HTTP SERVER]: HandleRequest() threw {0}", e);
} }
catch (InvalidOperationException e)
{
m_log.ErrorFormat("[BASE HTTP SERVER]: HandleRequest() threw {0}", e);
SendHTML500(response);
}
} }
private bool TryGetStreamHandler(string handlerKey, out IRequestHandler streamHandler) private bool TryGetStreamHandler(string handlerKey, out IRequestHandler streamHandler)