[6.0] 3eb7a0458 Be stricter on final [CR]LF parsing in http1_dissect_hdrs
Martin Blix Grydeland
martin at varnish-software.com
Tue Sep 3 10:05:06 UTC 2019
commit 3eb7a04587d235bec5a312d3eae652abd8a63a14
Author: Martin Blix Grydeland <martin at varnish-software.com>
Date: Thu Aug 15 11:19:41 2019 +0200
Be stricter on final [CR]LF parsing in http1_dissect_hdrs
The end of http1_dissect_hdrs ends with skipping over the final [CR]LF
that marks then end of the headers. Currently that skip is optional, that
is, it is skipped if it was present.
This patch adds an assert if the final [CR]LF is not found when finishing
the parsing. HTTP1_Complete guarantees that it is there, if not we would
not have started parsing the request or response in the first place, and
if it is missing, there must be an error in the parsing leading up to it.
diff --git a/bin/varnishd/http1/cache_http1_proto.c b/bin/varnishd/http1/cache_http1_proto.c
index e55555bf1..e5203a94e 100644
--- a/bin/varnishd/http1/cache_http1_proto.c
+++ b/bin/varnishd/http1/cache_http1_proto.c
@@ -111,6 +111,7 @@ http1_dissect_hdrs(struct http *hp, char *p, struct http_conn *htc,
unsigned maxhdr)
{
char *q, *r, *s;
+ int i;
assert(p > htc->rxbuf_b);
assert(p <= htc->rxbuf_e);
@@ -206,11 +207,9 @@ http1_dissect_hdrs(struct http *hp, char *p, struct http_conn *htc,
return (400);
}
}
- /* We cannot use vct_skipcrlf() we have to respect rxbuf_e */
- if (p+2 <= htc->rxbuf_e && p[0] == '\r' && p[1] == '\n')
- p += 2;
- else if (p+1 <= htc->rxbuf_e && p[0] == '\n')
- p += 1;
+ i = vct_iscrlf(p, htc->rxbuf_e);
+ assert(i > 0); /* HTTP1_Complete guarantees this */
+ p += i;
HTC_RxPipeline(htc, p);
htc->rxbuf_e = p;
return (0);
More information about the varnish-commit
mailing list