Permalink
Browse files

examine the first char of header name (fixes kazuho/p5-http-parser-xs#5)

  • Loading branch information...
1 parent 46502c0 commit 8edde15a568ef08b204e9eef0431ae7e81382d34 @kazuho kazuho committed Nov 6, 2012
Showing with 18 additions and 1 deletion.
  1. +15 −1 picohttpparser.c
  2. +3 −0 test.c
View
@@ -39,6 +39,16 @@
toklen = buf - tok_start; \
} while (0)
+static const char* token_char_map =
+ "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
+ "\0\1\1\1\1\1\1\1\0\0\1\1\0\1\1\0\1\1\1\1\1\1\1\1\1\1\0\0\0\0\0\0"
+ "\0\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\0\0\0\1\1"
+ "\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\1\0\1\0\1\0"
+ "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
+ "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
+ "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
+ "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
+
static const char* get_token_to_eol(const char* buf, const char* buf_end,
const char** token, size_t* token_len,
int* ret)
@@ -159,7 +169,11 @@ static const char* parse_headers(const char* buf, const char* buf_end,
*ret = -1;
return NULL;
}
- if (*num_headers == 0 || ! (*buf == ' ' || *buf == '\t')) {
+ if (! (*num_headers != 0 && (*buf == ' ' || *buf == '\t'))) {
+ if (! token_char_map[(unsigned char)*buf]) {
+ *ret = -1;
+ return NULL;
+ }
/* parsing name, but do not discard SP before colon, see
* http://www.mozilla.org/security/announce/2006/mfsa2006-33.html */
headers[*num_headers].name = buf;
View
3 test.c
@@ -92,6 +92,9 @@ int main(void)
PARSE("GET /hoge HTTP/1.0\r\n\r\n", strlen("GET /hoge HTTP/1.0\r\n\r\n") - 1,
0, "slowloris (complete)");
+ PARSE("GET / HTTP/1.0\r\n:a\r\n\r\n", 0, -1, "empty header name");
+ PARSE("GET / HTTP/1.0\r\n :a\r\n\r\n", 0, -1, "header name (space only)");
+
#undef PARSE
return 0;

0 comments on commit 8edde15

Please sign in to comment.