forked from osmocom/wireshark
HTTP: sanitize encoding header field strings
Sanitize HTTP header values before adding them to the tree. We treat them as always US-ASCII. (Note, however, that RFC 7230 discusses that while "Newly defined header fields SHOULD limit their field values to US-ASCII octets. A recipient SHOULD treat other octets in field content as opaque data.") Fix #18362. Fix #18363.
This commit is contained in:
John Thacker
parent
2a189d0a08
commit
d0f7af3850
|
|
@ -27,6 +27,7 @@
|
|||
#include <epan/follow.h>
|
||||
#include <epan/addr_resolv.h>
|
||||
#include <epan/uat.h>
|
||||
#include <epan/charsets.h>
|
||||
#include <epan/strutil.h>
|
||||
#include <epan/stats_tree.h>
|
||||
#include <epan/to_str.h>
|
||||
|
|
@ -3165,6 +3166,16 @@ process_header(tvbuff_t *tvb, int offset, int next_offset,
|
|||
* value_len+1 bytes long, copy value_len bytes, and stick
|
||||
* in a NUL terminator, so that the buffer for value actually
|
||||
* has value_len bytes in it.
|
||||
*
|
||||
* XXX - RFC 7230 3.2.4 "Newly defined header fields SHOULD
|
||||
* limit their field values to US-ASCII octets. A recipient
|
||||
* SHOULD treat other octets in field content as opaque data."
|
||||
* So unknown values (and possibly those registered through
|
||||
* the UAT) should be treated like FT_BYTES with
|
||||
* BASE_SHOW_ASCII_PRINTABLE instead of FT_STRING, but it's
|
||||
* more difficult to do that with the custom formatting
|
||||
* that uses the header name. Instead we will just validate the
|
||||
* string as ASCII before adding it to the tree.
|
||||
*/
|
||||
value_len = line_end_offset - value_offset;
|
||||
value = (char *)wmem_alloc(wmem_packet_scope(), value_len+1);
|
||||
|
|
@ -3203,7 +3214,8 @@ process_header(tvbuff_t *tvb, int offset, int next_offset,
|
|||
} else {
|
||||
proto_tree_add_string_format(tree,
|
||||
*hf_id, tvb, offset, len,
|
||||
value, "%s", format_text(wmem_packet_scope(), line, len));
|
||||
get_ascii_string(pinfo->pool, value, value_len),
|
||||
"%s", format_text(pinfo->pool, line, len));
|
||||
if (http_type == HTTP_REQUEST ||
|
||||
http_type == HTTP_RESPONSE) {
|
||||
it = proto_tree_add_item(tree,
|
||||
|
|
@ -3254,7 +3266,8 @@ process_header(tvbuff_t *tvb, int offset, int next_offset,
|
|||
default:
|
||||
hdr_item = proto_tree_add_string_format(tree,
|
||||
*headers[hf_index].hf, tvb, offset, len,
|
||||
value, "%s", format_text(wmem_packet_scope(), line, len));
|
||||
get_ascii_string(pinfo->pool, value, value_len),
|
||||
"%s", format_text(pinfo->pool, line, len));
|
||||
if (http_type == HTTP_REQUEST ||
|
||||
http_type == HTTP_RESPONSE) {
|
||||
it = proto_tree_add_item(tree,
|
||||
|
|
|
|||
Loading…
Reference in New Issue