nghttp2_check_header_value: Disallow 0x00

lib/includes/nghttp2/nghttp2.h

@@ -2774,8 +2774,7 @@ int nghttp2_is_fatal(int lib_error);
  * @function
  *
  * Returns nonzero if HTTP header field name |name| of length |len| is
- * valid according to
+ * valid according to http://tools.ietf.org/html/rfc7230#section-3.2
- * http://tools.ietf.org/html/draft-ietf-httpbis-p1-messaging-25#section-3.2
  *
  * Because this is a header field name in HTTP2, the upper cased alphabet
  * is treated as error.
@@ -2787,10 +2786,7 @@ int nghttp2_check_header_name(const uint8_t *name, size_t len);
  *
  * Returns nonzero if HTTP header field value |value| of length |len|
  * is valid according to
- * http://tools.ietf.org/html/draft-ietf-httpbis-p1-messaging-25#section-3.2
+ * http://tools.ietf.org/html/rfc7230#section-3.2
- *
- * Because this is HTTP2 header field value, it can contain NULL
- * character (0x00).
  */
 int nghttp2_check_header_value(const uint8_t *value, size_t len);
 

lib/nghttp2_helper.c

@@ -324,7 +324,7 @@ int nghttp2_check_header_name(const uint8_t *name, size_t len)
 }
 
 static int VALID_HD_VALUE_CHARS[] = {
-  1 /* NUL  */, 0 /* SOH  */, 0 /* STX  */, 0 /* ETX  */,
+  0 /* NUL  */, 0 /* SOH  */, 0 /* STX  */, 0 /* ETX  */,
   0 /* EOT  */, 0 /* ENQ  */, 0 /* ACK  */, 0 /* BEL  */,
   0 /* BS   */, 1 /* HT   */, 0 /* LF   */, 0 /* VT   */,
   0 /* FF   */, 0 /* CR   */, 0 /* SO   */, 0 /* SI   */,

tests/nghttp2_helper_test.c

@@ -172,7 +172,7 @@ void test_nghttp2_check_header_name(void)
 
 void test_nghttp2_check_header_value(void)
 {
-  uint8_t goodval[] = { 'a', '\0', 'b', 0x80u, 'c', 0xffu, 'd', '\t', ' ' };
+  uint8_t goodval[] = { 'a', 'b', 0x80u, 'c', 0xffu, 'd', '\t', ' ' };
   uint8_t badval1[] = { 'a', 0x1fu, 'b' };
   uint8_t badval2[] = { 'a', 0x7fu, 'b' };