Mercurial > hg > nginx
comparison src/http/ngx_http_parse.c @ 9242:ddcedfa3a809
HTTP: just one empty line now accepted when parsing request line.
This ensures that multiple CRLFs cannot be used as a DoS vector, and also
in line with RFC 9112 ("SHOULD ignore at least one empty line"). Further,
bare CRs are no longer accepted.
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Sat, 30 Mar 2024 05:10:40 +0300 |
| parents | f3df785649ae |
| children | 9a5e2296c1be |
comparison
equal
deleted
inserted
replaced
| 9241:07ca679842de | 9242:ddcedfa3a809 |
|---|---|
| 104 ngx_http_parse_request_line(ngx_http_request_t *r, ngx_buf_t *b) | 104 ngx_http_parse_request_line(ngx_http_request_t *r, ngx_buf_t *b) |
| 105 { | 105 { |
| 106 u_char c, ch, *p, *m; | 106 u_char c, ch, *p, *m; |
| 107 enum { | 107 enum { |
| 108 sw_start = 0, | 108 sw_start = 0, |
| 109 sw_newline, | |
| 110 sw_method_start, | |
| 109 sw_method, | 111 sw_method, |
| 110 sw_spaces_before_uri, | 112 sw_spaces_before_uri, |
| 111 sw_schema, | 113 sw_schema, |
| 112 sw_schema_slash, | 114 sw_schema_slash, |
| 113 sw_schema_slash_slash, | 115 sw_schema_slash_slash, |
| 141 | 143 |
| 142 /* HTTP methods: GET, HEAD, POST */ | 144 /* HTTP methods: GET, HEAD, POST */ |
| 143 case sw_start: | 145 case sw_start: |
| 144 r->request_start = p; | 146 r->request_start = p; |
| 145 | 147 |
| 146 if (ch == CR || ch == LF) { | 148 if (ch == CR) { |
| 147 break; | 149 state = sw_newline; |
| 148 } | 150 break; |
| 151 } | |
| 152 | |
| 153 if (ch == LF) { | |
| 154 state = sw_method_start; | |
| 155 break; | |
| 156 } | |
| 157 | |
| 158 if ((ch < 'A' || ch > 'Z') && ch != '_' && ch != '-') { | |
| 159 return NGX_HTTP_PARSE_INVALID_METHOD; | |
| 160 } | |
| 161 | |
| 162 state = sw_method; | |
| 163 break; | |
| 164 | |
| 165 case sw_newline: | |
| 166 | |
| 167 if (ch == LF) { | |
| 168 state = sw_method_start; | |
| 169 break; | |
| 170 } | |
| 171 | |
| 172 return NGX_HTTP_PARSE_INVALID_REQUEST; | |
| 173 | |
| 174 case sw_method_start: | |
| 175 r->request_start = p; | |
| 149 | 176 |
| 150 if ((ch < 'A' || ch > 'Z') && ch != '_' && ch != '-') { | 177 if ((ch < 'A' || ch > 'Z') && ch != '_' && ch != '-') { |
| 151 return NGX_HTTP_PARSE_INVALID_METHOD; | 178 return NGX_HTTP_PARSE_INVALID_METHOD; |
| 152 } | 179 } |
| 153 | 180 |