IntenseWebs/nginx
3
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2025-01-08 07:03:01 -06:00
Code Issues Packages Projects Releases Wiki Activity

Headers with null character are now rejected.

Browse Source 
Headers with NUL character aren't allowed by HTTP standard and may cause
various security problems.  They are now unconditionally rejected.
This commit is contained in:
Maxim Dounin 2012-03-15 11:27:57 +00:00
parent eb526b7d7d
commit d1ed97b18b
1 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/http/ngx_http_parse.c
View File

@ -874,6 +874,10 @@ ngx_http_parse_header_line(ngx_http_request_t *r, ngx_buf_t *b,
break;
}
if (ch == '\0') {
return NGX_HTTP_PARSE_INVALID_HEADER;
}
r->invalid_header = 1;
break;
@ -936,6 +940,10 @@ ngx_http_parse_header_line(ngx_http_request_t *r, ngx_buf_t *b,
break;
}
if (ch == '\0') {
return NGX_HTTP_PARSE_INVALID_HEADER;
}
r->invalid_header = 1;
break;
@ -954,6 +962,8 @@ ngx_http_parse_header_line(ngx_http_request_t *r, ngx_buf_t *b,
r->header_start = p;
r->header_end = p;
goto done;
case '\0':
return NGX_HTTP_PARSE_INVALID_HEADER;
default:
r->header_start = p;
state = sw_value;
@ -975,6 +985,8 @@ ngx_http_parse_header_line(ngx_http_request_t *r, ngx_buf_t *b,
case LF:
r->header_end = p;
goto done;
case '\0':
return NGX_HTTP_PARSE_INVALID_HEADER;
}
break;
@ -988,6 +1000,8 @@ ngx_http_parse_header_line(ngx_http_request_t *r, ngx_buf_t *b,
break;
case LF:
goto done;
case '\0':
return NGX_HTTP_PARSE_INVALID_HEADER;
default:
state = sw_value;
break;