Skip to content

Commit

Permalink
[release-branch.go1.17] net/http: preserve nil values in Header.Clone
Browse files Browse the repository at this point in the history 
ReverseProxy makes a distinction between nil and zero-length header values.
Avoid losing nil-ness when cloning a request.

Thanks to Christian Mehlmauer for discovering this.

For golang#53423
For CVE-2022-32148
Fixes golang#53620

Change-Id: Ice369cdb4712e2d62e25bb881b080847aa4801f5
Reviewed-on: https://go-review.googlesource.com/c/go/+/412857
Reviewed-by: Ian Lance Taylor <iant@google.com>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
(cherry picked from commit b2cc0fe)
Reviewed-on: https://go-review.googlesource.com/c/go/+/415221
Reviewed-by: Heschi Kreinick <heschi@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Michael Knyszek <mknyszek@google.com>
Run-TryBot: Heschi Kreinick <heschi@google.com>
Reviewed-by: Michael Knyszek <mknyszek@google.com>
  • Loading branch information
@neild @danbudris
neild authored and danbudris committed Sep 14, 2022
1 parent b8c48c1 commit a966897
Show file tree
Hide file tree
Showing 2 changed files with 11 additions and 0 deletions.
6 changes: 6 additions & 0 deletions src/net/http/header.go
View file
Expand Up @@ -100,6 +100,12 @@ func (h Header) Clone() Header {
sv := make([]string, nv) // shared backing array for headers' values
h2 := make(Header, len(h))
for k, vv := range h {
if vv == nil {
// Preserve nil values. ReverseProxy distinguishes
// between nil and zero-length header values.
h2[k] = nil
continue
}
n := copy(sv, vv)
h2[k] = sv[:n:n]
sv = sv[n:]
Expand Down
5 changes: 5 additions & 0 deletions src/net/http/header_test.go
View file
Expand Up @@ -235,6 +235,11 @@ func TestCloneOrMakeHeader(t *testing.T) {
in: Header{"foo": {"bar"}},
want: Header{"foo": {"bar"}},
},
{
name: "nil value",
in: Header{"foo": nil},
want: Header{"foo": nil},
},
}

for _, tt := range tests {
Expand Down

0 comments on commit a966897

Please sign in to comment.