Welcome! Log In Create A New Profile

[PATCH 2 of 4] HTTP/2: reject HTTP/2 requests with invalid "TE" header value

Forum List Message List New Topic Print View

Piotr Sikora via nginx-devel

June 13, 2017 08:22AM

# HG changeset patch
# User Piotr Sikora <piotrsikora@google.com>
# Date 1490516709 25200
# Sun Mar 26 01:25:09 2017 -0700
# Node ID 349648a6f91f9bd5cc80d22390b95c2239a8bfb3
# Parent 10c3f4c37f96ef496eff859b6f6815817e79455a
HTTP/2: reject HTTP/2 requests with invalid "TE" header value.

Signed-off-by: Piotr Sikora <piotrsikora@google.com>

diff -r 10c3f4c37f96 -r 349648a6f91f src/http/ngx_http_request.c
--- a/src/http/ngx_http_request.c
+++ b/src/http/ngx_http_request.c
@@ -27,6 +27,8 @@ static ngx_int_t ngx_http_process_host(n
ngx_table_elt_t *h, ngx_uint_t offset);
static ngx_int_t ngx_http_process_connection(ngx_http_request_t *r,
ngx_table_elt_t *h, ngx_uint_t offset);
+static ngx_int_t ngx_http_process_te(ngx_http_request_t *r,
+ ngx_table_elt_t *h, ngx_uint_t offset);
static ngx_int_t ngx_http_process_user_agent(ngx_http_request_t *r,
ngx_table_elt_t *h, ngx_uint_t offset);

@@ -128,6 +130,10 @@ ngx_http_header_t ngx_http_headers_in[]
offsetof(ngx_http_headers_in_t, if_range),
ngx_http_process_unique_header_line },

+ { ngx_string("TE"),
+ offsetof(ngx_http_headers_in_t, te),
+ ngx_http_process_te },
+
{ ngx_string("Transfer-Encoding"),
offsetof(ngx_http_headers_in_t, transfer_encoding),
ngx_http_process_header_line },
@@ -1706,6 +1712,37 @@ ngx_http_process_connection(ngx_http_req

static ngx_int_t
+ngx_http_process_te(ngx_http_request_t *r, ngx_table_elt_t *h,
+ ngx_uint_t offset)
+{
+ if (r->headers_in.te == NULL) {
+ r->headers_in.te = h;
+ }
+
+ if (h->value.len == sizeof("trailers") - 1
+ && ngx_memcmp(h->value.data, "trailers", sizeof("trailers") - 1) == 0)
+ {
+ return NGX_OK;
+ }
+
+#if (NGX_HTTP_V2)
+
+ if (r->stream) {
+ ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
+ "client sent HTTP/2 request with invalid header value: "
+ "\"TE: %V\"", &h->value);
+
+ ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
+ return NGX_ERROR;
+ }
+
+#endif
+
+ return NGX_OK;
+}
+
+
+static ngx_int_t
ngx_http_process_user_agent(ngx_http_request_t *r, ngx_table_elt_t *h,
ngx_uint_t offset)
{
diff -r 10c3f4c37f96 -r 349648a6f91f src/http/ngx_http_request.h
--- a/src/http/ngx_http_request.h
+++ b/src/http/ngx_http_request.h
@@ -196,6 +196,7 @@ typedef struct {
ngx_table_elt_t *range;
ngx_table_elt_t *if_range;

+ ngx_table_elt_t *te;
ngx_table_elt_t *transfer_encoding;
ngx_table_elt_t *expect;
ngx_table_elt_t *upgrade;
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

Reply Quote

RSS

Subject	Author	Views	Posted
[PATCH 1 of 4] HTTP/2: reject HTTP/2 requests with "Connection" header	Piotr Sikora via nginx-devel	346	June 13, 2017 08:22AM
[PATCH 2 of 4] HTTP/2: reject HTTP/2 requests with invalid "TE" header value	Piotr Sikora via nginx-devel	168	June 13, 2017 08:22AM
[PATCH 3 of 4] HTTP/2: reject HTTP/2 requests with "Transfer-Encoding" header	Piotr Sikora via nginx-devel	158	June 13, 2017 08:22AM
[PATCH 4 of 4] HTTP/2: reject HTTP/2 requests with connection-specific headers	Piotr Sikora via nginx-devel	173	June 13, 2017 08:22AM
Re: [PATCH 4 of 4] HTTP/2: reject HTTP/2 requests with connection-specific headers	Maxim Dounin	173	June 14, 2017 03:02PM
Re: [PATCH 4 of 4] HTTP/2: reject HTTP/2 requests with connection-specific headers	Piotr Sikora via nginx-devel	139	June 17, 2017 04:58PM
Re: [PATCH 4 of 4] HTTP/2: reject HTTP/2 requests with connection-specific headers	Maxim Dounin	172	June 19, 2017 09:48AM