Mercurial > hg > nginx

diff src/http/ngx_http_parse.c @ 4530:667aaf61a778
Headers with null character are now rejected. Headers with NUL character aren't allowed by HTTP standard and may cause various security problems. They are now unconditionally rejected.
author: Maxim Dounin <mdounin@mdounin.ru>
date: Thu, 15 Mar 2012 11:27:57 +0000
parents: d620f497c50f
children: 4988fa232629
--- a/src/http/ngx_http_parse.c	Thu Mar 15 11:27:12 2012 +0000
+++ b/src/http/ngx_http_parse.c	Thu Mar 15 11:27:57 2012 +0000
@@ -874,6 +874,10 @@
                     break;
                 }
 
+                if (ch == '\0') {
+                    return NGX_HTTP_PARSE_INVALID_HEADER;
+                }
+
                 r->invalid_header = 1;
 
                 break;
@@ -936,6 +940,10 @@
                 break;
             }
 
+            if (ch == '\0') {
+                return NGX_HTTP_PARSE_INVALID_HEADER;
+            }
+
             r->invalid_header = 1;
 
             break;
@@ -954,6 +962,8 @@
                 r->header_start = p;
                 r->header_end = p;
                 goto done;
+            case '\0':
+                return NGX_HTTP_PARSE_INVALID_HEADER;
             default:
                 r->header_start = p;
                 state = sw_value;
@@ -975,6 +985,8 @@
             case LF:
                 r->header_end = p;
                 goto done;
+            case '\0':
+                return NGX_HTTP_PARSE_INVALID_HEADER;
             }
             break;
 
@@ -988,6 +1000,8 @@
                 break;
             case LF:
                 goto done;
+            case '\0':
+                return NGX_HTTP_PARSE_INVALID_HEADER;
             default:
                 state = sw_value;
                 break;
author	Maxim Dounin <mdounin@mdounin.ru>
date	Thu, 15 Mar 2012 11:27:57 +0000
parents	d620f497c50f
children	4988fa232629