check max header size

nopolabs · nopolabs · commit 6e3c57def085 · 2017-02-05T11:44:41.000-08:00
diff --git a/src/RequestHeaderParser.php b/src/RequestHeaderParser.php
@@ -17,21 +17,28 @@ class RequestHeaderParser extends EventEmitter
 
     public function feed($data)
     {
-        if (strlen($this->buffer) + strlen($data) > $this->maxSize) {
+        $this->buffer .= $data;
+
+        $endOfHeader = strpos($this->buffer, "\r\n\r\n");
+
+        if (false !== $endOfHeader) {
+            $currentHeaderSize = $endOfHeader;
+        } else {
+            $currentHeaderSize = strlen($this->buffer);
+        }
+
+        if ($currentHeaderSize > $this->maxSize) {
             $this->emit('error', array(new \OverflowException("Maximum header size of {$this->maxSize} exceeded."), $this));
             $this->removeAllListeners();
             return;
         }
 
-        $this->buffer .= $data;
-
-        if (false !== strpos($this->buffer, "\r\n\r\n")) {
+        if (false !== $endOfHeader) {
             try {
                 $this->parseAndEmitRequest();
             } catch (Exception $exception) {
                 $this->emit('error', [$exception]);
             }
-
             $this->removeAllListeners();
         }
     }
diff --git a/tests/RequestHeaderParserTest.php b/tests/RequestHeaderParserTest.php
@@ -121,6 +121,33 @@ public function testHeaderOverflowShouldEmitError()
         $this->assertSame(0, count($parser->listeners('error')));
     }
 
+    public function testHeaderOverflowShouldNotEmitErrorWhenDataExceedsMaxHeaderSize()
+    {
+        $request = null;
+        $bodyBuffer = null;
+
+        $parser = new RequestHeaderParser();
+        $parser->on('headers', function ($parsedRequest, $parsedBodyBuffer) use (&$request, &$bodyBuffer) {
+            $request = $parsedRequest;
+            $bodyBuffer = $parsedBodyBuffer;
+        });
+
+        $data = $this->createAdvancedPostRequest();
+        $body = str_repeat('A', 4097 - strlen($data));
+        $data .= $body;
+
+        $parser->feed($data);
+
+        $headers = array(
+            'Host' => 'example.com:80',
+            'User-Agent' => 'react/alpha',
+            'Connection' => 'close',
+        );
+        $this->assertSame($headers, $request->getHeaders());
+
+        $this->assertSame($body, $bodyBuffer);
+    }
+
     public function testGuzzleRequestParseException()
     {
         $error = null;
