[master] e000786 Ignore invalid HTTP headers

Andreas Plesner Jacobsen apj at varnish-cache.org
Mon Sep 5 12:13:03 CEST 2011


commit e0007862dee9352d63bc2da613304f4652810b9d
Author: Andreas Plesner Jacobsen <apj at mutt.dk>
Date:   Mon Sep 5 12:05:24 2011 +0200

    Ignore invalid HTTP headers

diff --git a/bin/varnishncsa/varnishncsa.c b/bin/varnishncsa/varnishncsa.c
index 9ebb096..25c63ee 100644
--- a/bin/varnishncsa/varnishncsa.c
+++ b/bin/varnishncsa/varnishncsa.c
@@ -250,7 +250,7 @@ static int
 collect_backend(struct logline *lp, enum VSL_tag_e tag, unsigned spec,
     const char *ptr, unsigned len)
 {
-	const char *end, *next;
+	const char *end, *next, *split;
 
 	assert(spec & VSL_S_BACKEND);
 	end = ptr + len;
@@ -330,18 +330,19 @@ collect_backend(struct logline *lp, enum VSL_tag_e tag, unsigned spec,
 		break;
 
 	case SLT_TxHeader:
+		split = strchr(ptr, ':');
 		if (!lp->active)
 			break;
+		if (split == NULL)
+			break;
 		if (isprefix(ptr, "authorization:", end, &next) &&
 		    isprefix(next, "basic", end, &next)) {
 			lp->df_u = trimline(next, end);
 		} else {
 			struct hdr *h;
-			const char *split;
 			size_t l;
 			h = malloc(sizeof(struct hdr));
 			AN(h);
-			split = strchr(ptr, ':');
 			AN(split);
 			l = strlen(split);
 			h->key = trimline(ptr, split-1);
@@ -369,7 +370,7 @@ static int
 collect_client(struct logline *lp, enum VSL_tag_e tag, unsigned spec,
     const char *ptr, unsigned len)
 {
-	const char *end, *next;
+	const char *end, *next, *split;
 	long l;
 	time_t t;
 
@@ -437,8 +438,11 @@ collect_client(struct logline *lp, enum VSL_tag_e tag, unsigned spec,
 
 	case SLT_TxHeader:
 	case SLT_RxHeader:
+		split = strchr(ptr, ':');
 		if (!lp->active)
 			break;
+		if (split == NULL)
+			break;
 		if (tag == SLT_RxHeader &&
 		    isprefix(ptr, "authorization:", end, &next) &&
 		    isprefix(next, "basic", end, &next)) {
@@ -446,10 +450,8 @@ collect_client(struct logline *lp, enum VSL_tag_e tag, unsigned spec,
 			lp->df_u = trimline(next, end);
 		} else {
 			struct hdr *h;
-			const char *split;
 			h = malloc(sizeof(struct hdr));
 			AN(h);
-			split = strchr(ptr, ':');
 			AN(split);
 			h->key = trimline(ptr, split);
 			h->value = trimline(split+1, end);



More information about the varnish-commit mailing list