walkero
/
nghttp2
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

nghttpx: Strict validation for header fields given in configuration

This commit is contained in:
Tatsuhiro Tsujikawa 2015-12-25 20:57:24 +09:00
parent e677e37876
commit 486dba8d8a
2 changed files with 18 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/shrpx_config.cc
View File

@ -276,11 +276,9 @@ std::string read_passwd_from_file(const char *filename) {
}
std::pair<std::string, std::string> parse_header(const char *optarg) {
// We skip possible ":" at the start of optarg.
const auto *colon = strchr(optarg + 1, ':');
const auto *colon = strchr(optarg, ':');
// name = ":" is not allowed
if (colon == nullptr || (optarg[0] == ':' && colon == optarg + 1)) {
if (colon == nullptr || colon == optarg) {
return {"", ""};
}
@ -292,6 +290,14 @@ std::pair<std::string, std::string> parse_header(const char *optarg) {
std::string(value, strlen(value)));
util::inp_strlower(p.first);
if (!nghttp2_check_header_name(
reinterpret_cast<const uint8_t *>(p.first.c_str()), p.first.size()) ||
!nghttp2_check_header_value(
reinterpret_cast<const uint8_t *>(p.second.c_str()),
p.second.size())) {
return {"", ""};
}
return p;
}
@ -1799,7 +1805,7 @@ int parse_config(const char *opt, const char *optarg,
case SHRPX_OPTID_ADD_RESPONSE_HEADER: {
auto p = parse_header(optarg);
if (p.first.empty()) {
LOG(ERROR) << opt << ": header field name is empty: " << optarg;
LOG(ERROR) << opt << ": invalid header field: " << optarg;
return -1;
}
if (optid == SHRPX_OPTID_ADD_REQUEST_HEADER) {

9
src/shrpx_config_test.cc
View File

@ -46,8 +46,7 @@ void test_shrpx_config_parse_header(void) {
CU_ASSERT("b" == p.second);
p = parse_header(":a: b");
CU_ASSERT(":a" == p.first);
CU_ASSERT("b" == p.second);
CU_ASSERT(p.first.empty());
p = parse_header("a: :b");
CU_ASSERT("a" == p.first);
@ -59,6 +58,12 @@ void test_shrpx_config_parse_header(void) {
p = parse_header("alpha: bravo charlie");
CU_ASSERT("alpha" == p.first);
CU_ASSERT("bravo charlie" == p.second);
p = parse_header("a,: b");
CU_ASSERT(p.first.empty());
p = parse_header("a: b\x0a");
CU_ASSERT(p.first.empty());
}
void test_shrpx_config_parse_log_format(void) {