From 9b0c7618c54797ceb9be74dcdef0cb63e07185c4 Mon Sep 17 00:00:00 2001 From: Ryan Dahl Date: Fri, 18 Feb 2011 00:35:39 -0800 Subject: [PATCH] HTTP Agent should not die on evil server Closes GH-680. --- lib/http.js | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/lib/http.js b/lib/http.js index c2f6e18741..8c7658ea4b 100644 --- a/lib/http.js +++ b/lib/http.js @@ -1244,9 +1244,15 @@ Agent.prototype._establishNewConnection = function() { parser.onIncoming = function(res, shouldKeepAlive) { debug('AGENT incoming response!'); - var req = socket._httpMessage; - assert(req); + // If we're receiving a message but we don't have a corresponding + // request - then somehow the server is seriously messed up and sending + // multiple responses at us. In this case we'll just bail. + if (!socket._httpMessage) { + socket.destroy(); + return; + } + var req = socket._httpMessage; req.res = res; // Responses to HEAD requests are AWFUL. Ask Ryan.