diff options
author | Valentin Bartenev <vbart@nginx.com> | 2017-06-09 21:49:51 +0300 |
---|---|---|
committer | Valentin Bartenev <vbart@nginx.com> | 2017-06-09 21:49:51 +0300 |
commit | f6e7c2b6a6b36fb54cc771e27dff61b8f079e688 (patch) | |
tree | d4181328e2ab17b10d2cf8010029b79b1d9d4610 | |
parent | c5cd7e5e975b37f6ca1e969da269739218e791c5 (diff) | |
download | unit-f6e7c2b6a6b36fb54cc771e27dff61b8f079e688.tar.gz unit-f6e7c2b6a6b36fb54cc771e27dff61b8f079e688.tar.bz2 |
HTTP parser: fixed handling header fields with missing colon.
Diffstat (limited to '')
-rw-r--r-- | src/nxt_http_parse.c | 4 | ||||
-rw-r--r-- | test/nxt_http_parse_unit_test.c | 12 |
2 files changed, 15 insertions, 1 deletions
diff --git a/src/nxt_http_parse.c b/src/nxt_http_parse.c index 3fc8b494..9424dc8b 100644 --- a/src/nxt_http_parse.c +++ b/src/nxt_http_parse.c @@ -482,7 +482,9 @@ name_end: return nxt_http_parse_field_value(rp, pos, end); } - *pos = &p[i]; + if (nxt_slow_path(i != 0)) { + return NXT_ERROR; + } rp->field_name.length = 0; diff --git a/test/nxt_http_parse_unit_test.c b/test/nxt_http_parse_unit_test.c index d9e03e47..2bc974db 100644 --- a/test/nxt_http_parse_unit_test.c +++ b/test/nxt_http_parse_unit_test.c @@ -221,6 +221,18 @@ static nxt_http_parse_unit_test_case_t nxt_http_unit_test_cases[] = { }, { nxt_string("GET / HTTP/1.1\r\n" + "Host:\r\n\r\n"), + NXT_DONE, + NULL, { NULL } + }, + { + nxt_string("GET / HTTP/1.1\r\n" + "Host example.com\r\n\r\n"), + NXT_ERROR, + NULL, { NULL } + }, + { + nxt_string("GET / HTTP/1.1\r\n" ":Host: example.com\r\n\r\n"), NXT_ERROR, NULL, { NULL } |