mirror/nginx
1
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2025-07-22 20:38:26 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

HTTP: Do not allow request lines to end with bare CR

Browse Source 
This is consistent with Node.js.
This commit is contained in:
Demi Marie Obenour 2025-03-16 17:03:04 -04:00
parent e30ddb7a3b
commit 0d2c8754ee
1 changed files with 0 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
src/http/ngx_http_parse.c
View File

@ -492,10 +492,6 @@ ngx_http_parse_request_line(ngx_http_request_t *r, ngx_buf_t *b)
r->http_minor = 9; r->http_minor = 9;
state = sw_almost_done; state = sw_almost_done;
break; break;
case LF:
r->uri_end = p;
r->http_minor = 9;
goto done;
case '.': case '.':
r->complex_uri = 1; r->complex_uri = 1;
state = sw_uri; state = sw_uri;
@ -565,10 +561,6 @@ ngx_http_parse_request_line(ngx_http_request_t *r, ngx_buf_t *b)
r->http_minor = 9; r->http_minor = 9;
state = sw_almost_done; state = sw_almost_done;
break; break;
case LF:
r->uri_end = p;
r->http_minor = 9;
goto done;
#if (NGX_WIN32) #if (NGX_WIN32)
case '\\': case '\\':
r->complex_uri = 1; r->complex_uri = 1;
@ -615,10 +607,6 @@ ngx_http_parse_request_line(ngx_http_request_t *r, ngx_buf_t *b)
r->http_minor = 9; r->http_minor = 9;
state = sw_almost_done; state = sw_almost_done;
break; break;
case LF:
r->uri_end = p;
r->http_minor = 9;
goto done;
case '#': case '#':
r->complex_uri = 1; r->complex_uri = 1;
break; break;
@ -639,9 +627,6 @@ ngx_http_parse_request_line(ngx_http_request_t *r, ngx_buf_t *b)
r->http_minor = 9; r->http_minor = 9;
state = sw_almost_done; state = sw_almost_done;
break; break;
case LF:
r->http_minor = 9;
goto done;
case 'H': case 'H':
r->http_protocol.data = p; r->http_protocol.data = p;
state = sw_http_H; state = sw_http_H;
@ -769,8 +754,6 @@ ngx_http_parse_request_line(ngx_http_request_t *r, ngx_buf_t *b)
case CR: case CR:
state = sw_almost_done; state = sw_almost_done;
break; break;
case LF:
goto done;
default: default:
return NGX_HTTP_PARSE_INVALID_REQUEST; return NGX_HTTP_PARSE_INVALID_REQUEST;
} }