You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Packetbeat(all version) encounters a panic when parsing HTTP requests that have a non-standard Host header. The issue occurs in the function extractHostHeader and manifests as an "index out of range" panic.
Steps to Reproduce:
Use Packetbeat to capture HTTP traffic.
Make an HTTP request where the Host header is of the form :12345 (just a port number without the hostname).
Expected Result:
Packetbeat should handle non-standard Host headers gracefully, either by ignoring them or logging an error message.
Actual Result:
Packetbeat panics with "index out of range".
panic: runtime error: index out of range [0] with length 0
goroutine 130 [running]:
*****/protos/http.extractHostHeader({0xc01cf26ea8, 0x3})
*****/protos/http/http.go:737 +0x21b
*****/protos/http.(*httpPlugin).newTransaction(0xc0000f4f70, 0xc0073d8c80, 0xc0 073d9180)
*****/protos/http/http.go:541 +0xbff
*****/protos/http.(*httpPlugin).correlate(0xc0000f4f70, 0xc02930e9c0)
*****/protos/http/http.go:483 +0x111
*****/protos/http.(*httpPlugin).handleHTTP(0xc0000f4f70, 0xc02930e9c0, 0xc0073d 9180, 0x7f1aef56cf18?, 0xa0?)
*****/protos/http/http.go:442 +0x3fb
*****/protos/http.(*httpPlugin).messageComplete(...)
*****/protos/http/http.go:233
The text was updated successfully, but these errors were encountered:
bhapas
changed the title
panic when packetbeat parsing HTTP host header with non-standard format
[packetbeat] panic when parsing HTTP host header with non-standard format
Sep 5, 2023
For confirmed bugs, please report:
Summary:
Packetbeat(all version) encounters a panic when parsing HTTP requests that have a non-standard
Host
header. The issue occurs in the functionextractHostHeader
and manifests as an "index out of range" panic.Steps to Reproduce:
Host
header is of the form:12345
(just a port number without the hostname).Expected Result:
Packetbeat should handle non-standard
Host
headers gracefully, either by ignoring them or logging an error message.Actual Result:
Packetbeat panics with "index out of range".
The text was updated successfully, but these errors were encountered: