From d57bd81ce67152d1bd844c1dcedaaac6c198d9ae Mon Sep 17 00:00:00 2001 From: "Wladimir J. van der Laan" Date: Tue, 20 Oct 2015 11:35:10 +0200 Subject: [PATCH] http: Restrict maximum size of request line + headers Prevent memory exhaustion by sending lots of data. Also add a test to `httpbasics.py`. Closes #6425 --- qa/rpc-tests/httpbasics.py | 14 ++++++++++++++ src/httpserver.cpp | 3 +++ 2 files changed, 17 insertions(+) diff --git a/qa/rpc-tests/httpbasics.py b/qa/rpc-tests/httpbasics.py index c62edc8e1..7afbd4a42 100755 --- a/qa/rpc-tests/httpbasics.py +++ b/qa/rpc-tests/httpbasics.py @@ -104,5 +104,19 @@ class HTTPBasicsTest (BitcoinTestFramework): assert_equal(out1.status, http.client.BAD_REQUEST) + # Check excessive request size + conn = httplib.HTTPConnection(urlNode2.hostname, urlNode2.port) + conn.connect() + conn.request('GET', '/' + ('x'*1000), '', headers) + out1 = conn.getresponse() + assert_equal(out1.status, httplib.NOT_FOUND) + + conn = httplib.HTTPConnection(urlNode2.hostname, urlNode2.port) + conn.connect() + conn.request('GET', '/' + ('x'*10000), '', headers) + out1 = conn.getresponse() + assert_equal(out1.status, httplib.BAD_REQUEST) + + if __name__ == '__main__': HTTPBasicsTest ().main () diff --git a/src/httpserver.cpp b/src/httpserver.cpp index 30f43aee8..089b432fc 100644 --- a/src/httpserver.cpp +++ b/src/httpserver.cpp @@ -38,6 +38,9 @@ /** Maximum size of http request (request line + headers) */ static const size_t MAX_HEADERS_SIZE = 8192; +/** Maximum size of http request (request line + headers) */ +static const size_t MAX_HEADERS_SIZE = 8192; + /** HTTP request work item */ class HTTPWorkItem : public HTTPClosure {
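Review bot: The added requests use `httplib.HTTPConnection`, `httplib.NOT_FOUND` and `httplib.BAD_REQUEST`, while the context line directly above them asserts against `http.client.BAD_REQUEST`; unless the file imports both names (the import block is outside this hunk), one of the two spellings raises NameError before the size check runs. Matching the surrounding code would read `conn = http.client.HTTPConnection(urlNode2.hostname, urlNode2.port)` and `assert_equal(out1.status, http.client.BAD_REQUEST)`. The path lengths 1000 and 10000 sit on either side of the 8192-byte limit, so a comment such as `# 1000 bytes is under MAX_HEADERS_SIZE (8192): ordinary 404; 10000 is over it: rejected with 400` would tie the test to the constant it guards. Neither connection is closed after its response is read, and the enclosing test method starts outside the hunk.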
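Review bot: As shown, the two added lines repeat the `MAX_HEADERS_SIZE` definition that already appears in the context lines immediately above them, which would be a redefinition in the same translation unit and fail to compile; only one definition should remain. Separately, nothing in this patch reads the constant: the diffstat lists only these three added lines for src/httpserver.cpp, so the limit is enforced only if code outside the patch hands it to the HTTP server, for example `evhttp_set_max_headers_size(<evhttp handle>, MAX_HEADERS_SIZE);` at the point where the server object is set up. Without that call the memory-exhaustion case named in the commit message stays open and the new 10000-byte test would not receive its 400. The constant bounds the request line and headers only, per its comment; whether the request body is bounded separately cannot be seen from this hunk.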