From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 5 Jul 2021 15:13:29 +0000 (+0200)
Subject: c-hyper: bail on too long response headers
X-Git-Tag: curl-7_78_0~57
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a62ece3f57d0097b25a2010056336324d8e4423c;p=thirdparty%2Fcurl.git

c-hyper: bail on too long response headers

To match with built-in behaviors. Makes test 1154 work.

Closes #7350
---

diff --git a/lib/c-hyper.c b/lib/c-hyper.c
index e5b352c998..7a22007cee 100644
--- a/lib/c-hyper.c
+++ b/lib/c-hyper.c
@@ -126,6 +126,12 @@ static int hyper_each_header(void *userdata,
   CURLcode result;
   int writetype;
 
+  if(name_len + value_len + 2 > CURL_MAX_HTTP_HEADER) {
+    failf(data, "Too long response header");
+    data->state.hresult = CURLE_OUT_OF_MEMORY;
+    return HYPER_ITER_BREAK;
+  }
+
   if(!data->req.bytecount)
     Curl_pgrsTime(data, TIMER_STARTTRANSFER);
 
diff --git a/tests/data/DISABLED b/tests/data/DISABLED
index 7a102b83cf..5366e16dc5 100644
--- a/tests/data/DISABLED
+++ b/tests/data/DISABLED
@@ -96,8 +96,6 @@
 1138
 1144
 1147
-1151
-1154
 1156
 1160
 1164