From: Willy Tarreau Date: Tue, 8 Aug 2023 17:00:50 +0200 Subject: REORG: http: move has_forbidden_char() from h2.c to http.h Origin: https://git.haproxy.org/?p=haproxy-2.6.git;a=commit;h=4a776fd01560a8dfa7a57b30b4d5249c8da7b12c This function is not H2 specific but rather generic to HTTP. We'll need it in H3 soon, so let's move it to HTTP and rename it to http_header_has_forbidden_char(). (cherry picked from commit d4069f3cee0f6e94afaec518b6373dd368073f52) [ad: backported for next patch BUG/MAJOR: h3: reject header values containing invalid chars] Signed-off-by: Amaury Denoyelle (cherry picked from commit 21c4ffd025115058994a3e2765c17fc3cee52f90) Signed-off-by: Amaury Denoyelle (cherry picked from commit 9c0bc4f201cf58c10706416cb4807c0f4794f8ac) Signed-off-by: Amaury Denoyelle --- include/haproxy/http.h | 18 ++++++++++++++++++ src/h2.c | 23 +++-------------------- 2 files changed, 21 insertions(+), 20 deletions(-) diff --git a/include/haproxy/http.h b/include/haproxy/http.h index f597ee4cd1dc..41eca98a1e87 100644 --- a/include/haproxy/http.h +++ b/include/haproxy/http.h @@ -173,6 +173,24 @@ static inline struct http_uri_parser http_uri_parser_init(const struct ist uri) return parser; } +/* Looks into for forbidden characters for header values (0x00, 0x0A, + * 0x0D), starting at pointer which must be within . Returns + * non-zero if such a character is found, 0 otherwise. When run on unlikely + * header match, it's recommended to first check for the presence of control + * chars using ist_find_ctl(). + */ +static inline int http_header_has_forbidden_char(const struct ist ist, const char *start) +{ + do { + if ((uint8_t)*start <= 0x0d && + (1U << (uint8_t)*start) & ((1<<13) | (1<<10) | (1<<0))) + return 1; + start++; + } while (start < istend(ist)); + return 0; +} + + #endif /* _HAPROXY_HTTP_H */ /* diff --git a/src/h2.c b/src/h2.c index f794262ee7af..76c936783461 100644 --- a/src/h2.c +++ b/src/h2.c @@ -49,23 +49,6 @@ struct h2_frame_definition h2_frame_definition[H2_FT_ENTRIES] = { [H2_FT_CONTINUATION ] = { .dir = 3, .min_id = 1, .max_id = H2_MAX_STREAM_ID, .min_len = 0, .max_len = H2_MAX_FRAME_LEN, }, }; -/* Looks into for forbidden characters for header values (0x00, 0x0A, - * 0x0D), starting at pointer which must be within . Returns - * non-zero if such a character is found, 0 otherwise. When run on unlikely - * header match, it's recommended to first check for the presence of control - * chars using ist_find_ctl(). - */ -static int has_forbidden_char(const struct ist ist, const char *start) -{ - do { - if ((uint8_t)*start <= 0x0d && - (1U << (uint8_t)*start) & ((1<<13) | (1<<10) | (1<<0))) - return 1; - start++; - } while (start < istend(ist)); - return 0; -} - /* Prepare the request line into from pseudo headers stored in . * indicates what was found so far. This should be called once at the * detection of the first general header field or at the end of the request if @@ -353,7 +336,7 @@ int h2_make_htx_request(struct http_hdr *list, struct htx *htx, unsigned int *ms * rejecting NUL, CR and LF characters. */ ctl = ist_find_ctl(list[idx].v); - if (unlikely(ctl) && has_forbidden_char(list[idx].v, ctl)) + if (unlikely(ctl) && http_header_has_forbidden_char(list[idx].v, ctl)) goto fail; if (phdr > 0 && phdr < H2_PHDR_NUM_ENTRIES) { @@ -638,7 +621,7 @@ int h2_make_htx_response(struct http_hdr *list, struct htx *htx, unsigned int *m * rejecting NUL, CR and LF characters. */ ctl = ist_find_ctl(list[idx].v); - if (unlikely(ctl) && has_forbidden_char(list[idx].v, ctl)) + if (unlikely(ctl) && http_header_has_forbidden_char(list[idx].v, ctl)) goto fail; if (phdr > 0 && phdr < H2_PHDR_NUM_ENTRIES) { @@ -797,7 +780,7 @@ int h2_make_htx_trailers(struct http_hdr *list, struct htx *htx) * rejecting NUL, CR and LF characters. */ ctl = ist_find_ctl(list[idx].v); - if (unlikely(ctl) && has_forbidden_char(list[idx].v, ctl)) + if (unlikely(ctl) && http_header_has_forbidden_char(list[idx].v, ctl)) goto fail; if (!htx_add_trailer(htx, list[idx].n, list[idx].v)) -- 2.43.0