diff options
author | MW | 2008-12-01 11:23:27 +0000 |
---|---|---|
committer | MW | 2008-12-01 11:23:27 +0000 |
commit | 67c260fdcc1f314d701dd4acfaa16275750cdf74 (patch) | |
tree | 33d9130e7f387f082db1e3672270ccdbb0946ec2 | |
parent | * Making log available for subclasses (diff) | |
download | opensim-SC-67c260fdcc1f314d701dd4acfaa16275750cdf74.zip opensim-SC-67c260fdcc1f314d701dd4acfaa16275750cdf74.tar.gz opensim-SC-67c260fdcc1f314d701dd4acfaa16275750cdf74.tar.bz2 opensim-SC-67c260fdcc1f314d701dd4acfaa16275750cdf74.tar.xz |
Added a Catch(InvalidOperationException) to BaseHttpServer.HandleRequest(). Which is thrown due to errors in the XML deserializing. Without this catch is it easy to bring down any of the opensim servers on purpose by just sending corrupt xml to them.
Diffstat (limited to '')
-rw-r--r-- | OpenSim/Framework/Servers/BaseHttpServer.cs | 43 |
1 files changed, 24 insertions, 19 deletions
diff --git a/OpenSim/Framework/Servers/BaseHttpServer.cs b/OpenSim/Framework/Servers/BaseHttpServer.cs index e59b531..aa2a06c 100644 --- a/OpenSim/Framework/Servers/BaseHttpServer.cs +++ b/OpenSim/Framework/Servers/BaseHttpServer.cs | |||
@@ -266,7 +266,7 @@ namespace OpenSim.Framework.Servers | |||
266 | 266 | ||
267 | public virtual void HandleRequest(OSHttpRequest request, OSHttpResponse response) | 267 | public virtual void HandleRequest(OSHttpRequest request, OSHttpResponse response) |
268 | { | 268 | { |
269 | try | 269 | try |
270 | { | 270 | { |
271 | Culture.SetCurrentCulture(); | 271 | Culture.SetCurrentCulture(); |
272 | // This is the REST agent interface. We require an agent to properly identify | 272 | // This is the REST agent interface. We require an agent to properly identify |
@@ -287,7 +287,7 @@ namespace OpenSim.Framework.Servers | |||
287 | } | 287 | } |
288 | 288 | ||
289 | IRequestHandler requestHandler; | 289 | IRequestHandler requestHandler; |
290 | response.KeepAlive = true; | 290 | response.KeepAlive = true; |
291 | response.SendChunked = false; | 291 | response.SendChunked = false; |
292 | 292 | ||
293 | string path = request.RawUrl; | 293 | string path = request.RawUrl; |
@@ -316,8 +316,8 @@ namespace OpenSim.Framework.Servers | |||
316 | StreamReader reader = new StreamReader(requestStream, encoding); | 316 | StreamReader reader = new StreamReader(requestStream, encoding); |
317 | 317 | ||
318 | string requestBody = reader.ReadToEnd(); | 318 | string requestBody = reader.ReadToEnd(); |
319 | 319 | ||
320 | 320 | ||
321 | reader.Close(); | 321 | reader.Close(); |
322 | requestStream.Close(); | 322 | requestStream.Close(); |
323 | 323 | ||
@@ -340,21 +340,21 @@ namespace OpenSim.Framework.Servers | |||
340 | headervals[headername] = request.Headers[headername]; | 340 | headervals[headername] = request.Headers[headername]; |
341 | } | 341 | } |
342 | 342 | ||
343 | // if (headervals.Contains("Host")) | 343 | // if (headervals.Contains("Host")) |
344 | // { | 344 | // { |
345 | // host = (string)headervals["Host"]; | 345 | // host = (string)headervals["Host"]; |
346 | // } | 346 | // } |
347 | 347 | ||
348 | keysvals.Add("requestbody",requestBody); | 348 | keysvals.Add("requestbody", requestBody); |
349 | if (keysvals.Contains("method")) | 349 | if (keysvals.Contains("method")) |
350 | { | 350 | { |
351 | //m_log.Warn("[HTTP]: Contains Method"); | 351 | //m_log.Warn("[HTTP]: Contains Method"); |
352 | //string method = (string)keysvals["method"]; | 352 | //string method = (string)keysvals["method"]; |
353 | //m_log.Warn("[HTTP]: " + requestBody); | 353 | //m_log.Warn("[HTTP]: " + requestBody); |
354 | 354 | ||
355 | } | 355 | } |
356 | DoHTTPGruntWork(HTTPRequestHandler.Handle(path,keysvals), response); | 356 | DoHTTPGruntWork(HTTPRequestHandler.Handle(path, keysvals), response); |
357 | return; | 357 | return; |
358 | } | 358 | } |
359 | else | 359 | else |
360 | { | 360 | { |
@@ -427,10 +427,10 @@ namespace OpenSim.Framework.Servers | |||
427 | default: | 427 | default: |
428 | //m_log.Info("[Debug BASE HTTP SERVER]: in default handler"); | 428 | //m_log.Info("[Debug BASE HTTP SERVER]: in default handler"); |
429 | // Point of note.. the DoWeHaveA methods check for an EXACT path | 429 | // Point of note.. the DoWeHaveA methods check for an EXACT path |
430 | // if (request.RawUrl.Contains("/CAPS/EQG")) | 430 | // if (request.RawUrl.Contains("/CAPS/EQG")) |
431 | // { | 431 | // { |
432 | // int i = 1; | 432 | // int i = 1; |
433 | // } | 433 | // } |
434 | //m_log.Info("[Debug BASE HTTP SERVER]: Checking for LLSD Handler"); | 434 | //m_log.Info("[Debug BASE HTTP SERVER]: Checking for LLSD Handler"); |
435 | if (DoWeHaveALLSDHandler(request.RawUrl)) | 435 | if (DoWeHaveALLSDHandler(request.RawUrl)) |
436 | { | 436 | { |
@@ -449,7 +449,7 @@ namespace OpenSim.Framework.Servers | |||
449 | //m_log.Info("[Debug BASE HTTP SERVER]: Generic XMLRPC"); | 449 | //m_log.Info("[Debug BASE HTTP SERVER]: Generic XMLRPC"); |
450 | // generic login request. | 450 | // generic login request. |
451 | HandleXmlRpcRequests(request, response); | 451 | HandleXmlRpcRequests(request, response); |
452 | 452 | ||
453 | return; | 453 | return; |
454 | } | 454 | } |
455 | } | 455 | } |
@@ -468,6 +468,11 @@ namespace OpenSim.Framework.Servers | |||
468 | { | 468 | { |
469 | m_log.ErrorFormat("[BASE HTTP SERVER]: HandleRequest() threw {0}", e); | 469 | m_log.ErrorFormat("[BASE HTTP SERVER]: HandleRequest() threw {0}", e); |
470 | } | 470 | } |
471 | catch (InvalidOperationException e) | ||
472 | { | ||
473 | m_log.ErrorFormat("[BASE HTTP SERVER]: HandleRequest() threw {0}", e); | ||
474 | SendHTML500(response); | ||
475 | } | ||
471 | } | 476 | } |
472 | 477 | ||
473 | private bool TryGetStreamHandler(string handlerKey, out IRequestHandler streamHandler) | 478 | private bool TryGetStreamHandler(string handlerKey, out IRequestHandler streamHandler) |