diff options
| author | Max Kellermann <max@duempel.org> | 2014-08-12 15:33:45 +0200 |
|---|---|---|
| committer | Max Kellermann <max@duempel.org> | 2014-08-12 15:33:45 +0200 |
| commit | cf797657ed619f4908a3d47b7e37c25fb7133454 (patch) | |
| tree | 8015c408978791a2e7c55b84ac84b68058aebf60 | |
| parent | c597538b4023fd1f40bbb66f79caa508b223a8f2 (diff) | |
| download | mpd-cf797657ed619f4908a3d47b7e37c25fb7133454.tar.gz mpd-cf797657ed619f4908a3d47b7e37c25fb7133454.tar.xz mpd-cf797657ed619f4908a3d47b7e37c25fb7133454.zip | |
AllCommands: close connection after syntax error
Stop HTTP clients from exploiting MPD via forged POST requests.
| -rw-r--r-- | NEWS | 1 | ||||
| -rw-r--r-- | src/command/AllCommands.cxx | 4 |
2 files changed, 4 insertions, 1 deletions
@@ -8,6 +8,7 @@ ver 0.19 (not yet released) - "list" on album artist falls back to the artist tag - "list" and "count" allow grouping - new "search"/"find" filter "modified-since" + - close connection after syntax error * database - proxy: forward "idle" events - proxy: forward the "update" command diff --git a/src/command/AllCommands.cxx b/src/command/AllCommands.cxx index d29950eeb..6a4b18198 100644 --- a/src/command/AllCommands.cxx +++ b/src/command/AllCommands.cxx @@ -369,7 +369,9 @@ command_process(Client &client, unsigned num, char *line) current_command = nullptr; - return CommandResult::ERROR; + /* this client does not speak the MPD protocol; kick + the connection */ + return CommandResult::FINISH; } unsigned argc = 1; |