Projects
openEuler:24.03:SP1:Everything
netty3
_service:tar_scm:CVE-2019-16869.patch
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm:CVE-2019-16869.patch of Package netty3
From 39cafcb05c99f2aa9fce7e6597664c9ed6a63a95 Mon Sep 17 00:00:00 2001 From: Norman Maurer <norman_maurer@apple.com> Date: Fri, 20 Sep 2019 21:02:11 +0200 Subject: [PATCH] Correctly handle whitespaces in HTTP header names as defined by RFC7230#section-3.2.4 (#9585) Motivation: When parsing HTTP headers special care needs to be taken when a whitespace is detected in the header name. Modifications: - Ignore whitespace when decoding response (just like before) - Throw exception when whitespace is detected during parsing - Add unit tests Result: Fixes https://github.com/netty/netty/issues/9571 --- .../handler/codec/http/HttpObjectDecoder.java | 16 +++++++++++++++- .../codec/http/HttpRequestDecoderTest.java | 14 ++++++++++++++ .../codec/http/HttpResponseDecoderTest.java | 15 +++++++++++++++ 3 files changed, 44 insertions(+), 1 deletion(-) --- a/src/main/java/org/jboss/netty/handler/codec/http/HttpMessageDecoder.java +++ b/src/main/java/org/jboss/netty/handler/codec/http/HttpMessageDecoder.java @@ -700,7 +700,7 @@ cStart < cEnd? sb.substring(cStart, cEnd) : "" }; } - private static String[] splitHeader(String sb) { + private String[] splitHeader(String sb) { final int length = sb.length(); int nameStart; int nameEnd; @@ -711,7 +711,21 @@ nameStart = findNonWhitespace(sb, 0); for (nameEnd = nameStart; nameEnd < length; nameEnd ++) { char ch = sb.charAt(nameEnd); - if (ch == ':' || Character.isWhitespace(ch)) { + // https://tools.ietf.org/html/rfc7230#section-3.2.4 + // + // No whitespace is allowed between the header field-name and colon. In + // the past, differences in the handling of such whitespace have led to + // security vulnerabilities in request routing and response handling. A + // server MUST reject any received request message that contains + // whitespace between a header field-name and colon with a response code + // of 400 (Bad Request). A proxy MUST remove any such whitespace from a + // response message before forwarding the message downstream. + if (ch == ':' || + // In case of decoding a request we will just continue processing and header validation + // is done in the DefaultHttpHeaders implementation. + // + // In the case of decoding a response we will "skip" the whitespace. + (!isDecodingRequest() && Character.isWhitespace(ch))) { break; } }
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2