handlers: read ContentLength value directly from http.Request.

Do not look for Content-Length in headers and try to convert them into integer representations use ContentLength field from *http.Request*. If Content-Length is understood to be as '-1' then treat it as an error condition, since it could be a malformed body to crash the server. Fixes #1011
2025-11-20 18:06:10 -05:00 · 2015-12-27 23:00:36 -08:00
parent 7aab7ba946
commit 2f67559684
3 changed files with 19 additions and 46 deletions
--- a/bucket-handlers.go
+++ b/bucket-handlers.go
@@ -226,8 +226,8 @@ func (api CloudStorageAPI) PutBucketHandler(w http.ResponseWriter, req *http.Req

 	// if body of request is non-nil then check for validity of Content-Length
 	if req.Body != nil {
-		/// if Content-Length missing, deny the request
-		if req.Header.Get("Content-Length") == "" {
+		/// if Content-Length is unknown/missing, deny the request
+		if req.ContentLength == -1 {
 			writeErrorResponse(w, req, MissingContentLength, req.URL.Path)
 			return
 		}
@@ -275,9 +275,8 @@ func (api CloudStorageAPI) PutBucketHandler(w http.ResponseWriter, req *http.Req
 func (api CloudStorageAPI) PostPolicyBucketHandler(w http.ResponseWriter, req *http.Request) {
 	// if body of request is non-nil then check for validity of Content-Length
 	if req.Body != nil {
-		/// if Content-Length missing, deny the request
-		size := req.Header.Get("Content-Length")
-		if size == "" {
+		/// if Content-Length is unknown/missing, deny the request
+		if req.ContentLength == -1 {
 			writeErrorResponse(w, req, MissingContentLength, req.URL.Path)
 			return
 		}