[vlc-commits] https: validate header field name
Rémi Denis-Courmont
git at videolan.org
Mon Dec 14 22:35:08 CET 2015
vlc | branch: master | Rémi Denis-Courmont <remi at remlab.net> | Mon Dec 14 22:09:02 2015 +0200| [5986533565668607231587892204e7f01f11c32d] | committer: Rémi Denis-Courmont
https: validate header field name
> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=5986533565668607231587892204e7f01f11c32d
---
modules/access/http/message.c | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/modules/access/http/message.c b/modules/access/http/message.c
index 6850430..789b961 100644
--- a/modules/access/http/message.c
+++ b/modules/access/http/message.c
@@ -47,9 +47,17 @@ struct vlc_http_msg
struct vlc_http_stream *payload;
};
+static bool vlc_http_is_token(const char *);
+
static int vlc_http_msg_vadd_header(struct vlc_http_msg *m, const char *name,
const char *fmt, va_list ap)
{
+ if (!vlc_http_is_token(name))
+ { /* Not a valid field name, i.e. not an HTTP token */
+ errno = EINVAL;
+ return -1;
+ }
+
char *(*h)[2] = realloc(m->headers, sizeof (char *[2]) * (m->count + 1));
if (unlikely(h == NULL))
return -1;
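Review bot: The new guard in vlc_http_msg_vadd_header validates only `name`; the value formatted from `fmt`/`ap` is not checked anywhere in the visible lines. Unless the rest of the function (its body continues outside this hunk) rejects or normalises CR and LF in the formatted value, a caller-supplied argument could still put a line break into a stored header. If no such handling exists, the value should get an equivalent check that fails with `errno = EINVAL`, as done here. The guard also passes `name` straight to vlc_http_is_token, which dereferences it, so a short comment such as `/* name must be non-NULL */` would document that precondition.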
@@ -495,6 +503,12 @@ static size_t vlc_http_token_length(const char *str)
return i;
}
+static bool vlc_http_is_token(const char *str)
+{
+ size_t len = vlc_http_token_length(str);
+ return len > 0 && str[len] == '\0';
+}
+
static size_t vlc_http_comment_length(const char *str)
{ /* IETF RFC7230 §3.2.6 */
if (*str != '(')
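Review bot: vlc_http_is_token has no comment stating its contract, while vlc_http_comment_length just below cites the RFC section it implements. I would add `/* Checks that the whole string is a non-empty HTTP token (IETF RFC7230 §3.2.6) */` above the definition. The result relies on vlc_http_token_length stopping at the first non-token byte, including the NUL terminator, so that `str[len]` stays inside the string. Only the tail of that function is visible in this hunk, so that assumption should be confirmed against its body.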