[master] e000786 Ignore invalid HTTP headers
Andreas Plesner Jacobsen
apj at varnish-cache.org
Mon Sep 5 12:13:03 CEST 2011
commit e0007862dee9352d63bc2da613304f4652810b9d
Author: Andreas Plesner Jacobsen <apj at mutt.dk>
Date: Mon Sep 5 12:05:24 2011 +0200
Ignore invalid HTTP headers
diff --git a/bin/varnishncsa/varnishncsa.c b/bin/varnishncsa/varnishncsa.c
index 9ebb096..25c63ee 100644
--- a/bin/varnishncsa/varnishncsa.c
+++ b/bin/varnishncsa/varnishncsa.c
@@ -250,7 +250,7 @@ static int
collect_backend(struct logline *lp, enum VSL_tag_e tag, unsigned spec,
const char *ptr, unsigned len)
{
- const char *end, *next;
+ const char *end, *next, *split;
assert(spec & VSL_S_BACKEND);
end = ptr + len;
@@ -330,18 +330,19 @@ collect_backend(struct logline *lp, enum VSL_tag_e tag, unsigned spec,
break;
case SLT_TxHeader:
+ split = strchr(ptr, ':');
if (!lp->active)
break;
+ if (split == NULL)
+ break;
if (isprefix(ptr, "authorization:", end, &next) &&
isprefix(next, "basic", end, &next)) {
lp->df_u = trimline(next, end);
} else {
struct hdr *h;
- const char *split;
size_t l;
h = malloc(sizeof(struct hdr));
AN(h);
- split = strchr(ptr, ':');
AN(split);
l = strlen(split);
h->key = trimline(ptr, split-1);
@@ -369,7 +370,7 @@ static int
collect_client(struct logline *lp, enum VSL_tag_e tag, unsigned spec,
const char *ptr, unsigned len)
{
- const char *end, *next;
+ const char *end, *next, *split;
long l;
time_t t;
@@ -437,8 +438,11 @@ collect_client(struct logline *lp, enum VSL_tag_e tag, unsigned spec,
case SLT_TxHeader:
case SLT_RxHeader:
+ split = strchr(ptr, ':');
if (!lp->active)
break;
+ if (split == NULL)
+ break;
if (tag == SLT_RxHeader &&
isprefix(ptr, "authorization:", end, &next) &&
isprefix(next, "basic", end, &next)) {
@@ -446,10 +450,8 @@ collect_client(struct logline *lp, enum VSL_tag_e tag, unsigned spec,
lp->df_u = trimline(next, end);
} else {
struct hdr *h;
- const char *split;
h = malloc(sizeof(struct hdr));
AN(h);
- split = strchr(ptr, ':');
AN(split);
h->key = trimline(ptr, split);
h->value = trimline(split+1, end);
More information about the varnish-commit
mailing list