mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-09-22 22:31:28 +02:00
Code Issues Projects Releases Wiki Activity

BUG/MINOR: h2: reject response pseudo-headers from requests

Browse Source 
At the moment there's only ":status". Let's block it early when parsing
the request. Otherwise it would be blocked by the HTTP/1 code anyway.
This silences another h2spec issue.

To backport to 1.8.
This commit is contained in:
Willy Tarreau 2017-12-03 20:13:54 +01:00
parent 92153fccd3
commit 520886990f
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/h2.c
View File

@ -212,6 +212,10 @@ int h2_make_h1_request(struct http_hdr *list, char *out, int osize)
*(out++) = '\n'; *(out++) = '\n';
} }
/* RFC7540#8.1.2.1 mandates to reject response pseudo-headers (:status) */
if (fields & H2_PHDR_FND_STAT)
goto fail;
/* Let's dump the request now if not yet emitted. */ /* Let's dump the request now if not yet emitted. */
if (!(fields & H2_PHDR_FND_NONE)) { if (!(fields & H2_PHDR_FND_NONE)) {
ret = h2_prepare_h1_reqline(fields, phdr_val, &out, out_end); ret = h2_prepare_h1_reqline(fields, phdr_val, &out, out_end);