Welcome! Log In Create A New Profile

Re: [PATCH 15 of 20] Upstream: header handlers can now return parsing errors

Forum List Message List New Topic Print View

Maxim Dounin

May 12, 2022 08:26PM

Hello!

On Thu, May 12, 2022 at 12:26:37AM +0400, Sergey Kandaurov wrote:

> On Thu, Apr 21, 2022 at 01:18:55AM +0300, Maxim Dounin wrote:
> > # HG changeset patch
> > # User Maxim Dounin <mdounin@mdounin.ru>
> > # Date 1650492336 -10800
> > # Thu Apr 21 01:05:36 2022 +0300
> > # Node ID ab424b5e32405aeec54ccdfe38e9408209209e0a
> > # Parent b110c54778e8f6af3ea402c0838a4f289dcd813e
> > Upstream: header handlers can now return parsing errors.
> >
> > With this change, duplicate Content-Length and Transfer-Encoding headers
> > are now rejected. Further, responses with invalid Content-Length or
> > Transfer-Encoding headers are now rejected, as well as responses with both
> > Content-Length and Transfer-Encoding.
>
> jftr, various 3rd party modules that call header handlers:
> mogilefs, passenger, ajp_module, nginx-clojure, srcache

This should degrade nicely to a generic NGX_ERROR. Slightly less
user-friendly, though shouldn't be a big issue even if duplicate
headers are returned.

>
> >
> > diff --git a/src/http/modules/ngx_http_fastcgi_module.c b/src/http/modules/ngx_http_fastcgi_module.c
> > --- a/src/http/modules/ngx_http_fastcgi_module.c
> > +++ b/src/http/modules/ngx_http_fastcgi_module.c
> > @@ -2007,8 +2007,12 @@ ngx_http_fastcgi_process_header(ngx_http
> > hh = ngx_hash_find(&umcf->headers_in_hash, h->hash,
> > h->lowcase_key, h->key.len);
> >
> > - if (hh && hh->handler(r, h, hh->offset) != NGX_OK) {
> > - return NGX_ERROR;
> > + if (hh) {
> > + rc = hh->handler(r, h, hh->offset);
> > +
> > + if (rc != NGX_OK) {
> > + return rc;
> > + }
> > }
> >
> > ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
> > diff --git a/src/http/modules/ngx_http_grpc_module.c b/src/http/modules/ngx_http_grpc_module.c
> > --- a/src/http/modules/ngx_http_grpc_module.c
> > +++ b/src/http/modules/ngx_http_grpc_module.c
> > @@ -1891,8 +1891,12 @@ ngx_http_grpc_process_header(ngx_http_re
> > hh = ngx_hash_find(&umcf->headers_in_hash, h->hash,
> > h->lowcase_key, h->key.len);
> >
> > - if (hh && hh->handler(r, h, hh->offset) != NGX_OK) {
> > - return NGX_ERROR;
> > + if (hh) {
> > + rc = hh->handler(r, h, hh->offset);
> > +
> > + if (rc != NGX_OK) {
> > + return rc;
> > + }
> > }
> >
> > continue;
> > diff --git a/src/http/modules/ngx_http_proxy_module.c b/src/http/modules/ngx_http_proxy_module.c
> > --- a/src/http/modules/ngx_http_proxy_module.c
> > +++ b/src/http/modules/ngx_http_proxy_module.c
> > @@ -1930,8 +1930,12 @@ ngx_http_proxy_process_header(ngx_http_r
> > hh = ngx_hash_find(&umcf->headers_in_hash, h->hash,
> > h->lowcase_key, h->key.len);
> >
> > - if (hh && hh->handler(r, h, hh->offset) != NGX_OK) {
> > - return NGX_ERROR;
> > + if (hh) {
> > + rc = hh->handler(r, h, hh->offset);
> > +
> > + if (rc != NGX_OK) {
> > + return rc;
> > + }
> > }
> >
> > ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
> > diff --git a/src/http/modules/ngx_http_scgi_module.c b/src/http/modules/ngx_http_scgi_module.c
> > --- a/src/http/modules/ngx_http_scgi_module.c
> > +++ b/src/http/modules/ngx_http_scgi_module.c
> > @@ -1114,8 +1114,12 @@ ngx_http_scgi_process_header(ngx_http_re
> > hh = ngx_hash_find(&umcf->headers_in_hash, h->hash,
> > h->lowcase_key, h->key.len);
> >
> > - if (hh && hh->handler(r, h, hh->offset) != NGX_OK) {
> > - return NGX_ERROR;
> > + if (hh) {
> > + rc = hh->handler(r, h, hh->offset);
> > +
> > + if (rc != NGX_OK) {
> > + return rc;
> > + }
> > }
> >
> > ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
> > diff --git a/src/http/modules/ngx_http_uwsgi_module.c b/src/http/modules/ngx_http_uwsgi_module.c
> > --- a/src/http/modules/ngx_http_uwsgi_module.c
> > +++ b/src/http/modules/ngx_http_uwsgi_module.c
> > @@ -1340,8 +1340,12 @@ ngx_http_uwsgi_process_header(ngx_http_r
> > hh = ngx_hash_find(&umcf->headers_in_hash, h->hash,
> > h->lowcase_key, h->key.len);
> >
> > - if (hh && hh->handler(r, h, hh->offset) != NGX_OK) {
> > - return NGX_ERROR;
> > + if (hh) {
> > + rc = hh->handler(r, h, hh->offset);
> > +
> > + if (rc != NGX_OK) {
> > + return rc;
> > + }
> > }
> >
> > ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
> > diff --git a/src/http/ngx_http_upstream.c b/src/http/ngx_http_upstream.c
> > --- a/src/http/ngx_http_upstream.c
> > +++ b/src/http/ngx_http_upstream.c
> > @@ -4633,10 +4633,34 @@ ngx_http_upstream_process_content_length
> >
> > u = r->upstream;
> >
> > + if (u->headers_in.content_length) {
> > + ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
> > + "upstream sent duplicate header line: \"%V: %V\", "
> > + "previous value: \"%V: %V\"",
> > + &h->key, &h->value,
> > + &u->headers_in.content_length->key,
> > + &u->headers_in.content_length->value);
> > + return NGX_HTTP_UPSTREAM_INVALID_HEADER;
> > + }
> > +
> > + if (u->headers_in.transfer_encoding) {
> > + ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
> > + "upstream sent \"Content-Length\" and "
> > + "\"Transfer-Encoding\" headers at the same time");
> > + return NGX_HTTP_UPSTREAM_INVALID_HEADER;
> > + }
> > +
> > h->next = NULL;
> > u->headers_in.content_length = h;
> > u->headers_in.content_length_n = ngx_atoof(h->value.data, h->value.len);
> >
> > + if (u->headers_in.content_length_n == NGX_ERROR) {
> > + ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
> > + "upstream sent invalid \"Content-Length\" header: "
> > + "\"%V: %V\"", &h->key, &h->value);
> > + return NGX_HTTP_UPSTREAM_INVALID_HEADER;
> > + }
> > +
> > return NGX_OK;
> > }
> >
> > @@ -5021,14 +5045,37 @@ ngx_http_upstream_process_transfer_encod
> > ngx_http_upstream_t *u;
> >
> > u = r->upstream;
> > +
> > + if (u->headers_in.transfer_encoding) {
> > + ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
> > + "upstream sent duplicate header line: \"%V: %V\", "
> > + "previous value: \"%V: %V\"",
> > + &h->key, &h->value,
> > + &u->headers_in.transfer_encoding->key,
> > + &u->headers_in.transfer_encoding->value);
> > + return NGX_HTTP_UPSTREAM_INVALID_HEADER;
> > + }
> > +
> > + if (u->headers_in.content_length) {
> > + ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
> > + "upstream sent \"Content-Length\" and "
> > + "\"Transfer-Encoding\" headers at the same time");
> > + return NGX_HTTP_UPSTREAM_INVALID_HEADER;
> > + }
> > +
> > u->headers_in.transfer_encoding = h;
> > h->next = NULL;
> >
> > - if (ngx_strlcasestrn(h->value.data, h->value.data + h->value.len,
> > - (u_char *) "chunked", 7 - 1)
> > - != NULL)
> > + if (h->value.len == 7
> > + && ngx_strncasecmp(h->value.data, (u_char *) "chunked", 7) == 0)
> > {
> > u->headers_in.chunked = 1;
> > +
> > + } else {
> > + ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
> > + "upstream sent unknown \"Transfer-Encoding\": \"%V\"",
> > + &h->value);
> > + return NGX_HTTP_UPSTREAM_INVALID_HEADER;
> > }
> >
> > return NGX_OK;
>
> This is a subtle(?) change, which makes "chunked" the only valid header value.
> OTOH, it looks fine since other values require explicit support as well.

Note "responses with invalid ... Transfer-Encoding headers are
now rejected" in the commit log.

--
Maxim Dounin
http://mdounin.ru/
_______________________________________________
nginx-devel mailing list -- nginx-devel@nginx.org
To unsubscribe send an email to nginx-devel-leave@nginx.org

Reply Quote

RSS

Subject	Author	Views	Posted
[PATCH 00 of 20] multiple headers handling	Maxim Dounin	864	April 20, 2022 06:38PM
[PATCH 03 of 20] SCGI: combining headers with identical names (ticket #1724)	Maxim Dounin	179	April 20, 2022 06:40PM
[PATCH 02 of 20] FastCGI: combining headers with identical names (ticket #1724)	Maxim Dounin	145	April 20, 2022 06:42PM
Re: [PATCH 02 of 20] FastCGI: combining headers with identical names (ticket #1724)	Sergey Kandaurov	186	May 11, 2022 11:36AM
Re: [PATCH 02 of 20] FastCGI: combining headers with identical names (ticket #1724)	Maxim Dounin	100	May 12, 2022 06:34PM
Re: [PATCH 02 of 20] FastCGI: combining headers with identical names (ticket #1724)	Sergey Kandaurov	213	May 13, 2022 10:06AM
Re: [PATCH 02 of 20] FastCGI: combining headers with identical names (ticket #1724)	Sergey Kandaurov	101	May 13, 2022 10:06AM
[PATCH 04 of 20] Uwsgi: combining headers with identical names (ticket #1724)	Maxim Dounin	148	April 20, 2022 06:44PM
[PATCH 08 of 20] Perl: all known input headers are handled identically	Maxim Dounin	223	April 20, 2022 06:44PM
[PATCH 10 of 20] Upstream: style	Maxim Dounin	191	April 20, 2022 06:46PM
[PATCH 07 of 20] All non-unique input headers are now linked lists	Maxim Dounin	271	April 20, 2022 06:48PM
Re: [PATCH 07 of 20] All non-unique input headers are now linked lists	Sergey Kandaurov	243	May 11, 2022 03:44PM
Re: [PATCH 07 of 20] All non-unique input headers are now linked lists	Maxim Dounin	93	May 12, 2022 07:56PM
[PATCH 09 of 20] Perl: combining unknown headers during $r->header_in() lookup	Maxim Dounin	128	April 20, 2022 06:50PM
[PATCH 12 of 20] Upstream: simplified Accept-Ranges handling	Maxim Dounin	297	April 20, 2022 06:52PM
[PATCH 11 of 20] Upstream: simplified Content-Encoding handling	Maxim Dounin	177	April 20, 2022 06:54PM
Re: [PATCH 11 of 20] Upstream: simplified Content-Encoding handling	Sergey Kandaurov	141	May 11, 2022 04:02PM
Re: [PATCH 11 of 20] Upstream: simplified Content-Encoding handling	Maxim Dounin	129	May 12, 2022 08:20PM
[PATCH 05 of 20] Combining unknown headers during variables lookup (ticket #1316)	Maxim Dounin	123	April 20, 2022 06:56PM
Re: [PATCH 05 of 20] Combining unknown headers during variables lookup (ticket #1316)	Sergey Kandaurov	158	May 11, 2022 12:12PM
Re: [PATCH 05 of 20] Combining unknown headers during variables lookup (ticket #1316)	Maxim Dounin	217	May 12, 2022 07:18PM
[PATCH 06 of 20] Reworked multi headers to use linked lists	Maxim Dounin	191	April 20, 2022 06:58PM
Re: [PATCH 06 of 20] Reworked multi headers to use linked lists	Sergey Kandaurov	130	May 11, 2022 03:24PM
Re: [PATCH 06 of 20] Reworked multi headers to use linked lists	Maxim Dounin	122	May 12, 2022 07:44PM
Re: [PATCH 06 of 20] Reworked multi headers to use linked lists	Sergey Kandaurov	274	June 13, 2022 01:08PM
Re: [PATCH 06 of 20] Reworked multi headers to use linked lists	Maxim Dounin	127	June 13, 2022 06:52PM
[PATCH 14 of 20] Upstream: all known headers in u->headers_in are linked lists now	Maxim Dounin	182	April 20, 2022 07:00PM
[PATCH 13 of 20] All known output headers can be linked lists now	Maxim Dounin	120	April 20, 2022 07:02PM
[PATCH 15 of 20] Upstream: header handlers can now return parsing errors	Maxim Dounin	112	April 20, 2022 07:04PM
Re: [PATCH 15 of 20] Upstream: header handlers can now return parsing errors	Sergey Kandaurov	108	May 11, 2022 04:30PM
Re: [PATCH 15 of 20] Upstream: header handlers can now return parsing errors	Maxim Dounin	128	May 12, 2022 08:26PM
[PATCH 17 of 20] Upstream: handling of multiple Vary headers (ticket #1423)	Maxim Dounin	150	April 20, 2022 07:06PM
Re: [PATCH 17 of 20] Upstream: handling of multiple Vary headers (ticket #1423)	Sergey Kandaurov	132	May 11, 2022 04:48PM
Re: [PATCH 17 of 20] Upstream: handling of multiple Vary headers (ticket #1423)	Maxim Dounin	100	May 12, 2022 08:52PM
[PATCH 18 of 20] Upstream: multiple WWW-Authenticate headers (ticket #485)	Maxim Dounin	119	April 20, 2022 07:08PM
Re: [PATCH 18 of 20] Upstream: multiple WWW-Authenticate headers (ticket #485)	Sergey Kandaurov	137	May 11, 2022 05:06PM
Re: [PATCH 18 of 20] Upstream: multiple WWW-Authenticate headers (ticket #485)	Maxim Dounin	102	May 12, 2022 10:00PM
Re: [PATCH 18 of 20] Upstream: multiple WWW-Authenticate headers (ticket #485)	Sergey Kandaurov	107	May 20, 2022 09:56AM
Re: [PATCH 18 of 20] Upstream: multiple WWW-Authenticate headers (ticket #485)	Maxim Dounin	113	May 20, 2022 05:10PM
[PATCH 16 of 20] Upstream: duplicate headers ignored or properly linked	Maxim Dounin	156	April 20, 2022 07:10PM
Re: [PATCH 16 of 20] Upstream: duplicate headers ignored or properly linked	Sergey Kandaurov	104	May 11, 2022 04:36PM
Re: [PATCH 16 of 20] Upstream: duplicate headers ignored or properly linked	Maxim Dounin	438	May 12, 2022 08:36PM
[PATCH 20 of 20] Headers filter: improved memory allocation error handling	Maxim Dounin	145	April 20, 2022 07:12PM
[PATCH 19 of 20] Auth request: multiple WWW-Authenticate headers (ticket #485)	Maxim Dounin	170	April 20, 2022 07:14PM
[PATCH 00 of 10] multiple headers tests	Maxim Dounin	157	April 20, 2022 07:16PM
[PATCH 01 of 10] Tests: tests for passing Date and Server headers	Maxim Dounin	123	April 20, 2022 07:18PM
[PATCH 02 of 10] Tests: fastcgi tests for combining headers	Maxim Dounin	176	April 20, 2022 07:20PM
[PATCH 03 of 10] Tests: scgi tests for combining headers	Maxim Dounin	124	April 20, 2022 07:20PM
[PATCH 04 of 10] Tests: uwsgi tests for combining headers	Maxim Dounin	93	April 20, 2022 07:22PM
[PATCH 07 of 10] Tests: perl $r->header_in() combining headers test	Maxim Dounin	111	April 20, 2022 07:24PM
[PATCH 09 of 10] Tests: tests for multiple Vary headers (ticket #1423)	Maxim Dounin	113	April 20, 2022 07:26PM
[PATCH 06 of 10] Tests: perl $r->header_in("Connection") test	Maxim Dounin	114	April 20, 2022 07:28PM
[PATCH 05 of 10] Tests: tests for various http header variables	Maxim Dounin	167	April 20, 2022 07:30PM
[PATCH 08 of 10] Tests: tests for duplicate response headers	Maxim Dounin	123	April 20, 2022 07:32PM
[PATCH 10 of 10] Tests: tests for multiple WWW-Authenticate headers (ticket #485)	Maxim Dounin	136	April 20, 2022 07:34PM
Re: [PATCH 00 of 10] multiple headers tests	Sergey Kandaurov	150	May 31, 2022 07:14PM
Re: [PATCH 00 of 10] multiple headers tests	Maxim Dounin	96	June 03, 2022 07:26PM

Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 260

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018