mirror of
https://github.com/johndoe6345789/metabuilder.git
synced 2026-05-01 01:05:00 +00:00
46 lines
1.1 KiB
C++
46 lines
1.1 KiB
C++
/**
|
|
* @file validate_path.hpp
|
|
* @brief Validate HTTP request path for security issues
|
|
*/
|
|
|
|
#pragma once
|
|
|
|
#include <string>
|
|
#include "http_response.hpp"
|
|
#include "socket_types.hpp"
|
|
|
|
namespace dbal {
|
|
namespace daemon {
|
|
|
|
/**
|
|
* @brief Validate request path for null bytes and length
|
|
* @param path Request path
|
|
* @param error_response Error response if validation fails
|
|
* @return true if path is valid
|
|
*/
|
|
inline bool validate_request_path(
|
|
const std::string& path,
|
|
HttpResponse& error_response
|
|
) {
|
|
// Check for null bytes in path (CVE pattern)
|
|
if (path.find('\0') != std::string::npos) {
|
|
error_response.status_code = 400;
|
|
error_response.status_text = "Bad Request";
|
|
error_response.body = R"({"error":"Null byte in path"})";
|
|
return false;
|
|
}
|
|
|
|
// Validate path length
|
|
if (path.length() > MAX_PATH_LENGTH) {
|
|
error_response.status_code = 414;
|
|
error_response.status_text = "URI Too Long";
|
|
error_response.body = R"({"error":"Path too long"})";
|
|
return false;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
} // namespace daemon
|
|
} // namespace dbal
|