[6.2] 34717183b Be stricter on final [CR]LF parsing in http1_dissect_hdrs
Martin Blix Grydeland
martin at varnish-software.com
Tue Sep 3 10:06:05 UTC 2019
commit 34717183beda3803e3d54c9826a1a9f026ca2505
Author: Martin Blix Grydeland <martin at varnish-software.com>
Date: Thu Aug 15 11:19:41 2019 +0200
Be stricter on final [CR]LF parsing in http1_dissect_hdrs
The end of http1_dissect_hdrs ends with skipping over the final [CR]LF
that marks then end of the headers. Currently that skip is optional, that
is, it is skipped if it was present.
This patch adds an assert if the final [CR]LF is not found when finishing
the parsing. HTTP1_Complete guarantees that it is there, if not we would
not have started parsing the request or response in the first place, and
if it is missing, there must be an error in the parsing leading up to it.
diff --git a/bin/varnishd/http1/cache_http1_proto.c b/bin/varnishd/http1/cache_http1_proto.c
index 53d542196..7f34e19be 100644
--- a/bin/varnishd/http1/cache_http1_proto.c
+++ b/bin/varnishd/http1/cache_http1_proto.c
@@ -111,6 +111,7 @@ http1_dissect_hdrs(struct http *hp, char *p, struct http_conn *htc,
unsigned maxhdr)
{
char *q, *r, *s;
+ int i;
assert(p > htc->rxbuf_b);
assert(p <= htc->rxbuf_e);
@@ -200,11 +201,9 @@ http1_dissect_hdrs(struct http *hp, char *p, struct http_conn *htc,
return (400);
}
}
- /* We cannot use vct_skipcrlf() we have to respect rxbuf_e */
- if (p+2 <= htc->rxbuf_e && p[0] == '\r' && p[1] == '\n')
- p += 2;
- else if (p+1 <= htc->rxbuf_e && p[0] == '\n')
- p += 1;
+ i = vct_iscrlf(p, htc->rxbuf_e);
+ assert(i > 0); /* HTTP1_Complete guarantees this */
+ p += i;
HTC_RxPipeline(htc, p);
htc->rxbuf_e = p;
return (0);
More information about the varnish-commit
mailing list