[master] 0ba31d78d hpack: Validate header values with vct_ishdrval()
Dridi Boukelmoune
dridi.boukelmoune at gmail.com
Tue Sep 26 13:02:06 UTC 2023
commit 0ba31d78d89168ca888938383472bed0815aeb98
Author: Walid Boudebouda <walid.boudebouda at gmail.com>
Date: Fri Sep 8 17:37:26 2023 +0200
hpack: Validate header values with vct_ishdrval()
Signed-off-by: Dridi Boukelmoune <dridi.boukelmoune at gmail.com>
diff --git a/bin/varnishd/http2/cache_http2_hpack.c b/bin/varnishd/http2/cache_http2_hpack.c
index 35610b616..92befad53 100644
--- a/bin/varnishd/http2/cache_http2_hpack.c
+++ b/bin/varnishd/http2/cache_http2_hpack.c
@@ -112,9 +112,9 @@ h2h_checkhdr(const struct http *hp, const char *b, size_t namelen, size_t len)
state = FLD_VALUE;
/* FALL_THROUGH */
case FLD_VALUE:
- if (*p != 0x09 && (*p < 0x20 || *p == 0x7f)) {
+ if (!vct_ishdrval(*p)) {
VSLb(hp->vsl, SLT_BogoHeader,
- "Illegal field value (control) %.*s",
+ "Illegal field value %.*s",
(int)(len > 20 ? 20 : len), b);
return (H2SE_PROTOCOL_ERROR);
}
More information about the varnish-commit
mailing list