From f070e4523aebd383f6424a020c93f4065aaa673c Mon Sep 17 00:00:00 2001
From: Aldo Cortesi <aldo@nullcube.com>
Date: Sat, 30 Jun 2012 15:59:42 +1200
Subject: Handle invalid data more gracefully.

Fixes #47
---
 libmproxy/proxy.py | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

(limited to 'libmproxy')

diff --git a/libmproxy/proxy.py b/libmproxy/proxy.py
index af4a83ec..3ec22fb4 100644
--- a/libmproxy/proxy.py
+++ b/libmproxy/proxy.py
@@ -189,7 +189,7 @@ class ProxyHandler(tcp.BaseHandler):
             if request:
                 err = flow.Error(request, e.msg)
                 err._send(self.mqueue)
-                self.send_error(e.code, e.msg)
+            self.send_error(e.code, e.msg)
         else:
             return True
 
@@ -261,7 +261,10 @@ class ProxyHandler(tcp.BaseHandler):
             if line == "":
                 return None
             if line.startswith("CONNECT"):
-                host, port, httpversion = http.parse_init_connect(line)
+                r = http.parse_init_connect(line)
+                if not r:
+                    raise ProxyError(400, "Bad HTTP request line: %s"%line)
+                host, port, httpversion = r
                 # FIXME: Discard additional headers sent to the proxy. Should I expose
                 # these to users?
                 while 1:
@@ -290,6 +293,9 @@ class ProxyHandler(tcp.BaseHandler):
                 )
                 return flow.Request(client_conn, httpversion, host, port, "https", method, path, headers, content)
             else:
+                r = http.parse_init_proxy(line)
+                if not r:
+                    raise ProxyError(400, "Bad HTTP request line: %s"%line)
                 method, scheme, host, port, path, httpversion = http.parse_init_proxy(line)
                 headers = http.read_headers(self.rfile)
                 content = http.read_http_body_request(
-- 
cgit v1.2.3