Merge pull request #88 from nopolabs/fix/header-size-in-RequestHeaderParser

Fix checking maximum header size, do not take start of body into account

Author: clue

src/RequestHeaderParser.php

@@ -17,21 +17,28 @@ class RequestHeaderParser extends EventEmitter
 
     public function feed($data)
     {
-        if (strlen($this->buffer) + strlen($data) > $this->maxSize) {
+        $this->buffer .= $data;
+
+        $endOfHeader = strpos($this->buffer, "\r\n\r\n");
+
+        if (false !== $endOfHeader) {
+            $currentHeaderSize = $endOfHeader;
+        } else {
+            $currentHeaderSize = strlen($this->buffer);
+        }
+
+        if ($currentHeaderSize > $this->maxSize) {
             $this->emit('error', array(new \OverflowException("Maximum header size of {$this->maxSize} exceeded."), $this));
             $this->removeAllListeners();
             return;
         }
 
-        $this->buffer .= $data;
-
-        if (false !== strpos($this->buffer, "\r\n\r\n")) {
+        if (false !== $endOfHeader) {
             try {
                 $this->parseAndEmitRequest();
             } catch (Exception $exception) {
                 $this->emit('error', [$exception]);
             }
-
             $this->removeAllListeners();
         }
     }

tests/RequestHeaderParserTest.php

@@ -121,6 +121,33 @@ public function testHeaderOverflowShouldEmitError()
         $this->assertSame(0, count($parser->listeners('error')));
     }
 
+    public function testHeaderOverflowShouldNotEmitErrorWhenDataExceedsMaxHeaderSize()
+    {
+        $request = null;
+        $bodyBuffer = null;
+
+        $parser = new RequestHeaderParser();
+        $parser->on('headers', function ($parsedRequest, $parsedBodyBuffer) use (&$request, &$bodyBuffer) {
+            $request = $parsedRequest;
+            $bodyBuffer = $parsedBodyBuffer;
+        });
+
+        $data = $this->createAdvancedPostRequest();
+        $body = str_repeat('A', 4097 - strlen($data));
+        $data .= $body;
+
+        $parser->feed($data);
+
+        $headers = array(
+            'Host' => 'example.com:80',
+            'User-Agent' => 'react/alpha',
+            'Connection' => 'close',
+        );
+        $this->assertSame($headers, $request->getHeaders());
+
+        $this->assertSame($body, $bodyBuffer);
+    }
+
     public function testGuzzleRequestParseException()
     {
         $error = null;

tests/ServerTest.php

@@ -81,8 +81,8 @@ public function testParserErrorEmitted()
         $conn = new ConnectionStub();
         $io->emit('connection', [$conn]);
 
-        $data = $this->createGetRequest();
-        $data = str_pad($data, 4096 * 4);
+        $data = "GET / HTTP/1.1\r\nHost: example.com\r\nConnection: close\r\nX-DATA: ";
+        $data .= str_repeat('A', 4097 - strlen($data)) . "\r\n\r\n";
         $conn->emit('data', [$data]);
 
         $this->assertInstanceOf('OverflowException', $error);