[libsoup] SoupServer: reject non-HTTP URIs and URIs with no host

[Simon McVittie <smcv src gnome org>]

commit 1d9df75e75e7df2656ff9a6567acc5f16d90e0cb
Author: Simon McVittie <simon mcvittie collabora co uk>
Date:   Tue Jan 10 17:03:39 2012 +0000

    SoupServer: reject non-HTTP URIs and URIs with no host
    
    This prevents a critical warning and other misbehaviour in the
    simple-httpd test, when using requests like "GET http: HTTP/1.0".
    
    Bug: https://bugzilla.gnome.org/show_bug.cgi?id=667637
    Bug-NB: NB#294977
    Signed-off-by: Simon McVittie <simon mcvittie collabora co uk>
    Reviewed-by: Dan Winship <danw gnome org>

 libsoup/soup-message-server-io.c |   10 +++++++++-
 1 files changed, 9 insertions(+), 1 deletions(-)
---
diff --git a/libsoup/soup-message-server-io.c b/libsoup/soup-message-server-io.c
index 573fcaf..624fad6 100644
--- a/libsoup/soup-message-server-io.c
+++ b/libsoup/soup-message-server-io.c
@@ -94,8 +94,16 @@ parse_request_headers (SoupMessage *msg, char *headers, guint headers_len,
 		uri = NULL;
 
 	g_free (req_path);
-	if (!uri)
+
+	if (!SOUP_URI_VALID_FOR_HTTP (uri)) {
+		/* certainly not "a valid host on the server" (RFC2616 5.2.3)
+		 * SOUP_URI_VALID_FOR_HTTP also guards against uri == NULL
+		 */
+		if (uri)
+			soup_uri_free (uri);
 		return SOUP_STATUS_BAD_REQUEST;
+	}
+
 	soup_message_set_uri (msg, uri);
 	soup_uri_free (uri);