[7.3] 00cca8770 hpack: Validate header values with vct_ishdrval()
Dridi Boukelmoune
dridi.boukelmoune at gmail.com
Tue Oct 24 15:08:14 UTC 2023
commit 00cca87709c6c06fccd8d18df9c61eca652afe83
Author: Walid Boudebouda <walid.boudebouda at gmail.com>
Date: Fri Sep 8 17:37:26 2023 +0200
hpack: Validate header values with vct_ishdrval()
Signed-off-by: Dridi Boukelmoune <dridi.boukelmoune at gmail.com>
diff --git a/bin/varnishd/http2/cache_http2_hpack.c b/bin/varnishd/http2/cache_http2_hpack.c
index b57fda191..74e1d8520 100644
--- a/bin/varnishd/http2/cache_http2_hpack.c
+++ b/bin/varnishd/http2/cache_http2_hpack.c
@@ -112,9 +112,9 @@ h2h_checkhdr(const struct http *hp, const char *b, size_t namelen, size_t len)
state = FLD_VALUE;
/* FALL_THROUGH */
case FLD_VALUE:
- if (*p != 0x09 && (*p < 0x20 || *p == 0x7f)) {
+ if (!vct_ishdrval(*p)) {
VSLb(hp->vsl, SLT_BogoHeader,
- "Illegal field value (control) %.*s",
+ "Illegal field value %.*s",
(int)(len > 20 ? 20 : len), b);
return (H2SE_PROTOCOL_ERROR);
}
More information about the varnish-commit
mailing list