search

dlundquist / sniproxy

Proxies incoming HTTP and TLS connections based on the hostname contained in the initial request of the TCP session.
BSD 2-Clause "Simplified" License
2.57k stars 398 forks source link

Accept CRLF and LF in HTTP headers, fix buffer overflow error. #367

Closed oldium closed 11 months ago

oldium commented 4 years ago

As per RFC 7230, section 3.5, the recipient MAY recognize a single LF as a line terminator and ignore any preceding CR for the start-line and header fields.

This feature is optional by HTTP specification, but it simplifies the scanning algorithm. Now we need to check for single character instead of two.

Also fix buffer overflow, which happens when data length is 0 (empty packet). This can be verified by simply putting assert(*len != 0) in next_header() function and by executing the tests make check afterwards.

Fixes: #366

renaudallard commented 3 years ago

Thanks, I fixed it in my fork, seems to work fine