check if the header contains control characters

fix #1227
benoitc · Mar 18, 2016 · d38804c · d38804c
1 parent 6dcd7a6
commit d38804c
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/gunicorn/http/wsgi.py b/gunicorn/http/wsgi.py
@@ -10,6 +10,7 @@
 import sys
 
 from gunicorn._compat import unquote_to_wsgi_str
+from gunicorn.http.errors import InvalidHeader
 from gunicorn.six import string_types, binary_type, reraise
 from gunicorn import SERVER_SOFTWARE
 import gunicorn.util as util
@@ -28,6 +29,7 @@
 BLKSIZE = 0x3FFFFFFF
 
 NORMALIZE_SPACE = re.compile(r'(?:\r\n)?[ \t]+')
+HEADER_VALUE_RE = re.compile(r"[\x07\x1B\f\n\r\t\v]")
 
 log = logging.getLogger(__name__)
 
@@ -262,6 +264,10 @@ def process_headers(self, headers):
         for name, value in headers:
             if not isinstance(name, string_types):
                 raise TypeError('%r is not a string' % name)
+
+            if HEADER_VALUE_RE.search(value):
+                raise InvalidHeader('%r' % value)
+
             value = str(value).strip()
             lname = name.lower().strip()
             if lname == "content-length":