[PATCH] Return an error on duplicated Host headers

Tollef Fog Heen tfheen at varnish-software.com
Mon May 6 09:18:23 CEST 2013 

---

 bin/varnishd/cache/cache.h             |    1 +
 bin/varnishd/cache/cache_http.c        |    2 +-
 bin/varnishd/cache/cache_http1_proto.c |   29 +++++++++++++++++++++++++++++
 3 files changed, 31 insertions(+), 1 deletion(-)

diff --git a/bin/varnishd/cache/cache.h b/bin/varnishd/cache/cache.h
index 865b315..8763669 100644
--- a/bin/varnishd/cache/cache.h
+++ b/bin/varnishd/cache/cache.h
@@ -877,6 +877,7 @@ double http_GetHdrQ(const struct http *hp, const char *hdr, const char *field);
 uint16_t http_GetStatus(const struct http *hp);
 const char *http_GetReq(const struct http *hp);
 int http_HdrIs(const struct http *hp, const char *hdr, const char *val);
+int http_IsHdr(const txt *hh, const char *hdr);
 enum sess_close http_DoConnection(const struct http *);
 void http_CopyHome(const struct http *hp);
 void http_Unset(struct http *hp, const char *hdr);
diff --git a/bin/varnishd/cache/cache_http.c b/bin/varnishd/cache/cache_http.c
index e9f9e22..1eb429a 100644
--- a/bin/varnishd/cache/cache_http.c
+++ b/bin/varnishd/cache/cache_http.c
@@ -154,7 +154,7 @@ http_Teardown(struct http *hp)
 
 /*--------------------------------------------------------------------*/
 
-static int
+int
 http_IsHdr(const txt *hh, const char *hdr)
 {
 	unsigned l;
diff --git a/bin/varnishd/cache/cache_http1_proto.c b/bin/varnishd/cache/cache_http1_proto.c
index 00ed9bf..6be14d1 100644
--- a/bin/varnishd/cache/cache_http1_proto.c
+++ b/bin/varnishd/cache/cache_http1_proto.c
@@ -376,6 +376,30 @@ htc_splitline(struct http *hp, const struct http_conn *htc, int req)
 
 /*--------------------------------------------------------------------*/
 
+static int
+htc_request_invalid(struct http *hp)
+{
+	int u;
+	int seen_host = 0;
+	for (u = HTTP_HDR_FIRST; u < hp->nhd; u++) {
+		if (hp->hd[u].b == NULL)
+			continue;
+		AN(hp->hd[u].b);
+		AN(hp->hd[u].e);
+		if (http_IsHdr(&hp->hd[u], H_Host)) {
+			if (seen_host) {
+				VSLb(hp->vsl, SLT_Error, "Duplicated Host header");
+				return (400);
+			}
+			seen_host = 1;
+		}
+	}
+	return (0);
+}
+
+
+/*--------------------------------------------------------------------*/
+
 static void
 htc_proto_ver(struct http *hp)
 {
@@ -412,6 +436,11 @@ HTTP1_DissectRequest(struct req *req)
 	}
 	htc_proto_ver(hp);
 
+	retval = htc_request_invalid(hp);
+	if (retval != 0) {
+		return (retval);
+	}
+
 	/* RFC2616, section 5.2, point 1 */
 	if (!strncasecmp(hp->hd[HTTP_HDR_URL].b, "http://", 7)) {
 		b = e = hp->hd[HTTP_HDR_URL].b + 7;
-- 
1.7.10.4

More information about the varnish-dev mailing list