boostorg/beast
1
0
Fork 1
mirror of https://github.com/boostorg/beast.git synced 2025-08-01 05:44:38 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix parse illegal characters in obs-fold

Browse Source
This commit is contained in:
Vinnie Falco
2017-07-08 11:45:04 -07:00
parent f657057c49
commit a00ce1209b
3 changed files with 41 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@@ -8,6 +8,7 @@ Version 76:
* Serializer members are not const * Serializer members are not const
* serializing file_body is not const * serializing file_body is not const
* Add file_body_win32 * Add file_body_win32
* Fix parse illegal characters in obs-fold
API Changes: API Changes:

5
include/beast/http/detail/basic_parser.hpp
View File

@@ -797,6 +797,11 @@ protected:
p = parse_token_to_eol(p, last, token_last, ec); p = parse_token_to_eol(p, last, token_last, ec);
if(ec) if(ec)
return; return;
if(! p)
{
ec = error::bad_value;
return;
}
// Look 1 char past the CRLF to handle obs-fold. // Look 1 char past the CRLF to handle obs-fold.
if(p + 1 > last) if(p + 1 > last)
{ {

35
test/http/basic_parser.cpp
View File

@@ -1103,6 +1103,40 @@ public:
//-------------------------------------------------------------------------- //--------------------------------------------------------------------------
void
testFuzz1()
{
error_code ec;
test_parser<true> p;
feed(buf(
"LOCK /%e7lY;/;;%0b8=p/r HTTP/1.1\r\n"
"Accept-Encoding:\r\n"
" <20>\r\n"
"Original-Message-ID:<3A> <09><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>: \r\n"
" <20>D<EFBFBD><44><06>\r\n"
"Resent-Date:<3A>\r\n"
"Alt-Svc: \r\n"
"Trailer: \r\n"
"List-ID:<3A>k<EFBFBD> \r\n"
"Alternate-Recipient:<3A><13>\"<EFBFBD><EFBFBD><EFBFBD><EFBFBD>qJ̼<EFBFBD><EFBFBD>[r<><72>\r\n"
"Location: \r\n"
"Accept-Additions: \r\n"
"MMHS-Originator-PLAD: \r\n"
"Original-Sender: \r\n"
"Original-Sender:\r\n"
"PICS-Label:\r\n"
" \r\n"
"If: @<40>P\\<EFBFBD>Æ<EFBFBD><EFBFBD>\\|<7C>E\r\n"
"MMHS-Exempted-Address:\r\n"
"Injection-Info: \r\n"
"Contetn-Length: 0\r\n"
"\r\n"
), p, ec);
BEAST_EXPECT(ec);
}
//--------------------------------------------------------------------------
void void
run() override run() override
{ {
@@ -1122,6 +1156,7 @@ public:
testIssue430(); testIssue430();
testIssue452(); testIssue452();
testIssue496(); testIssue496();
testFuzz1();
} }
}; };