Fix CIO headers and chunked parsers #1547

cy6erGn0m · 2020-01-05T19:03:04Z

Subsystem
ktor-server-cio, ktor-client-cio

Motivation

If a header is too long, then CIO parser simply cut it into two that is not correct.
If both content length and chunked encoding specified, then we discard content length. This is correct according to RFC. However, this may lead to undesired consequences.
Both may cause potential security issues, especially with a proxy server.

Solution

Terminate request processing when a header body is too long
Terminate request processing AND connection when the specified content length and decoded chunked content length do not match. Note that this violates RFC however it looks like we have no choice.

e5l · 2020-01-09T11:19:09Z

Commit names

cy6erGn0m · 2020-01-09T11:43:00Z

Merged

Sergey Mashkov added 3 commits January 5, 2020 20:45

~ Fix chunked encoding case with specified content length

d937a1e

Add header line length overrun check

c1bd1ab

~ binary

007f2d2

cy6erGn0m added this to the 1.3.0 milestone Jan 5, 2020

cy6erGn0m requested a review from e5l January 5, 2020 19:03

cy6erGn0m added the Priority High priority or critical label Jan 5, 2020

e5l approved these changes Jan 9, 2020

View reviewed changes

cy6erGn0m closed this Jan 9, 2020

cy6erGn0m deleted the cy/fix-chunked-with-length branch January 9, 2020 11:43

Provide feedback