-
-
Save ChALkeR/8caafa6099bc4c2dabcb to your computer and use it in GitHub Desktop.
4.1.0 data leak, server, variant 2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var http = require('http'); | |
| var fs = require('fs'); | |
| function doSomethingWithData(data, c) { | |
| setTimeout(c, 100); | |
| } | |
| http.createServer(function(req, res) { | |
| // This represents one endpoint | |
| // This is alternative to reading an empty file. Does not deal with files. | |
| if (req.url === '/file1') { | |
| var chunks = []; | |
| req.on('data', function(chunk) { | |
| // chunk is a Buffer | |
| chunks.push(chunk); | |
| }); | |
| req.on('end', function() { | |
| // This is a common way of collecting the request body. | |
| var data = Buffer.concat(chunks); | |
| doSomethingWithData(data, function() { | |
| res.end(); | |
| }); | |
| }); | |
| return; | |
| } | |
| // This represents an endpoint that receives data | |
| if (/^\/stuff\//.test(req.url)) { | |
| req.on('data', function (chunk) {}); | |
| req.on('end', function() { | |
| res.end(); | |
| }); | |
| return; | |
| } | |
| // This represents another endpoint | |
| if (/^\/token\//.test(req.url)) { | |
| var x = new Uint8Array(1000); | |
| if (req.url !== '/token/invalid') { | |
| x.fill(42); // fill x with something for valid stuff | |
| } // else do nothing for invalid stuff, but that's ok, correct? Nothing could go wrong. There are zeroes there! | |
| res.write(x.toString()); | |
| res.end(); | |
| return; | |
| } | |
| res.end(); | |
| }).listen(7777); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment