Don't allow control characters in outgoing name/value pairs
This check is done in spdylay_submit_* family functions and they will return error if they found control characters.
This commit is contained in:
parent
10c54e44ba
commit
439b34f49f
|
@ -1302,11 +1302,17 @@ ssize_t spdylay_frame_nv_offset(spdylay_frame_type type, uint16_t version)
|
||||||
|
|
||||||
int spdylay_frame_nv_check_null(const char **nv)
|
int spdylay_frame_nv_check_null(const char **nv)
|
||||||
{
|
{
|
||||||
size_t i;
|
size_t i, j;
|
||||||
for(i = 0; nv[i]; i += 2) {
|
for(i = 0; nv[i]; i += 2) {
|
||||||
if(nv[i][0] == '\0' || nv[i+1] == NULL) {
|
if(nv[i][0] == '\0' || nv[i+1] == NULL) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
for(j = 0; nv[i][j]; ++j) {
|
||||||
|
unsigned char c = nv[i][j];
|
||||||
|
if(c < 0x20 || c > 0x7e) {
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
|
@ -794,7 +794,8 @@ void spdylay_frame_iv_sort(spdylay_settings_entry *iv, size_t niv);
|
||||||
ssize_t spdylay_frame_nv_offset(spdylay_frame_type type, uint16_t version);
|
ssize_t spdylay_frame_nv_offset(spdylay_frame_type type, uint16_t version);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Checks names are not empty string and values are not NULL.
|
* Checks names are not empty string and do not contain control
|
||||||
|
* characters and values are not NULL.
|
||||||
*
|
*
|
||||||
* This function returns nonzero if it succeeds, or 0.
|
* This function returns nonzero if it succeeds, or 0.
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -226,6 +226,8 @@ int main(int argc, char* argv[])
|
||||||
test_spdylay_frame_unpack_nv_last_empty_value_spdy3) ||
|
test_spdylay_frame_unpack_nv_last_empty_value_spdy3) ||
|
||||||
!CU_add_test(pSuite, "frame_nv_set_origin",
|
!CU_add_test(pSuite, "frame_nv_set_origin",
|
||||||
test_spdylay_frame_nv_set_origin) ||
|
test_spdylay_frame_nv_set_origin) ||
|
||||||
|
!CU_add_test(pSuite, "frame_nv_check_null",
|
||||||
|
test_spdylay_frame_nv_check_null) ||
|
||||||
!CU_add_test(pSuite, "stream_add_pushed_stream",
|
!CU_add_test(pSuite, "stream_add_pushed_stream",
|
||||||
test_spdylay_stream_add_pushed_stream) ||
|
test_spdylay_stream_add_pushed_stream) ||
|
||||||
!CU_add_test(pSuite, "client_cert_vector_find",
|
!CU_add_test(pSuite, "client_cert_vector_find",
|
||||||
|
|
|
@ -986,3 +986,16 @@ void test_spdylay_frame_nv_set_origin(void)
|
||||||
CU_ASSERT(SPDYLAY_ERR_INVALID_ARGUMENT ==
|
CU_ASSERT(SPDYLAY_ERR_INVALID_ARGUMENT ==
|
||||||
spdylay_frame_nv_set_origin((char**)nv5, &origin));
|
spdylay_frame_nv_set_origin((char**)nv5, &origin));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void test_spdylay_frame_nv_check_null(void)
|
||||||
|
{
|
||||||
|
const char *headers1[] = { "path", "/", "host", "a", NULL };
|
||||||
|
const char *headers2[] = { "", "/", "host", "a", NULL };
|
||||||
|
const char *headers3[] = { "path", "/", "host\x01", "a", NULL };
|
||||||
|
const char *headers4[] = { "path", "/", "host", NULL, NULL };
|
||||||
|
|
||||||
|
CU_ASSERT(spdylay_frame_nv_check_null(headers1));
|
||||||
|
CU_ASSERT(0 == spdylay_frame_nv_check_null(headers2));
|
||||||
|
CU_ASSERT(0 == spdylay_frame_nv_check_null(headers3));
|
||||||
|
CU_ASSERT(0 == spdylay_frame_nv_check_null(headers4));
|
||||||
|
}
|
||||||
|
|
|
@ -55,5 +55,6 @@ void test_spdylay_frame_unpack_nv_check_name_spdy3(void);
|
||||||
void test_spdylay_frame_unpack_nv_last_empty_value_spdy2(void);
|
void test_spdylay_frame_unpack_nv_last_empty_value_spdy2(void);
|
||||||
void test_spdylay_frame_unpack_nv_last_empty_value_spdy3(void);
|
void test_spdylay_frame_unpack_nv_last_empty_value_spdy3(void);
|
||||||
void test_spdylay_frame_nv_set_origin(void);
|
void test_spdylay_frame_nv_set_origin(void);
|
||||||
|
void test_spdylay_frame_nv_check_null(void);
|
||||||
|
|
||||||
#endif /* SPDYLAY_FRAME_TEST_H */
|
#endif /* SPDYLAY_FRAME_TEST_H */
|
||||||
|
|
Loading…
Reference in New Issue