Permalink
Browse files

HTTP parser: restricting control chars in header fields values.

This also fixes an infinite loop here (found with honggfuzz).
  • Loading branch information...
VBart committed Jan 24, 2018
1 parent 7e3480b commit 477e8177b70acb694759e62d830b8a311a736324
Showing with 1 addition and 3 deletions.
  1. +1 −3 src/nxt_http_parse.c
@@ -650,9 +650,7 @@ nxt_http_parse_field_value(nxt_http_request_parse_t *rp, u_char **pos,
break;
}
if (ch == '\0') {
return NXT_HTTP_PARSE_INVALID;
}
return NXT_HTTP_PARSE_INVALID;
}
if (nxt_fast_path(p != *pos)) {

0 comments on commit 477e817

Please sign in to comment.