From: Willy Tarreau Date: Tue, 8 Aug 2023 15:00:50 +0000 (+0200) Subject: REORG: http: move has_forbidden_char() from h2.c to http.h X-Git-Tag: v2.9-dev3~56 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=d4069f3cee0f6e94afaec518b6373dd368073f52;p=thirdparty%2Fhaproxy.git REORG: http: move has_forbidden_char() from h2.c to http.h This function is not H2 specific but rather generic to HTTP. We'll need it in H3 soon, so let's move it to HTTP and rename it to http_header_has_forbidden_char(). --- diff --git a/include/haproxy/http.h b/include/haproxy/http.h index 73941336b7..e48e21fae8 100644 --- a/include/haproxy/http.h +++ b/include/haproxy/http.h @@ -173,6 +173,24 @@ static inline struct http_uri_parser http_uri_parser_init(const struct ist uri) return parser; } +/* Looks into for forbidden characters for header values (0x00, 0x0A, + * 0x0D), starting at pointer which must be within . Returns + * non-zero if such a character is found, 0 otherwise. When run on unlikely + * header match, it's recommended to first check for the presence of control + * chars using ist_find_ctl(). + */ +static inline int http_header_has_forbidden_char(const struct ist ist, const char *start) +{ + do { + if ((uint8_t)*start <= 0x0d && + (1U << (uint8_t)*start) & ((1<<13) | (1<<10) | (1<<0))) + return 1; + start++; + } while (start < istend(ist)); + return 0; +} + + #endif /* _HAPROXY_HTTP_H */ /* diff --git a/src/h2.c b/src/h2.c index f794262ee7..76c9367834 100644 --- a/src/h2.c +++ b/src/h2.c @@ -49,23 +49,6 @@ struct h2_frame_definition h2_frame_definition[H2_FT_ENTRIES] = { [H2_FT_CONTINUATION ] = { .dir = 3, .min_id = 1, .max_id = H2_MAX_STREAM_ID, .min_len = 0, .max_len = H2_MAX_FRAME_LEN, }, }; -/* Looks into for forbidden characters for header values (0x00, 0x0A, - * 0x0D), starting at pointer which must be within . Returns - * non-zero if such a character is found, 0 otherwise. When run on unlikely - * header match, it's recommended to first check for the presence of control - * chars using ist_find_ctl(). - */ -static int has_forbidden_char(const struct ist ist, const char *start) -{ - do { - if ((uint8_t)*start <= 0x0d && - (1U << (uint8_t)*start) & ((1<<13) | (1<<10) | (1<<0))) - return 1; - start++; - } while (start < istend(ist)); - return 0; -} - /* Prepare the request line into from pseudo headers stored in . * indicates what was found so far. This should be called once at the * detection of the first general header field or at the end of the request if @@ -353,7 +336,7 @@ int h2_make_htx_request(struct http_hdr *list, struct htx *htx, unsigned int *ms * rejecting NUL, CR and LF characters. */ ctl = ist_find_ctl(list[idx].v); - if (unlikely(ctl) && has_forbidden_char(list[idx].v, ctl)) + if (unlikely(ctl) && http_header_has_forbidden_char(list[idx].v, ctl)) goto fail; if (phdr > 0 && phdr < H2_PHDR_NUM_ENTRIES) { @@ -638,7 +621,7 @@ int h2_make_htx_response(struct http_hdr *list, struct htx *htx, unsigned int *m * rejecting NUL, CR and LF characters. */ ctl = ist_find_ctl(list[idx].v); - if (unlikely(ctl) && has_forbidden_char(list[idx].v, ctl)) + if (unlikely(ctl) && http_header_has_forbidden_char(list[idx].v, ctl)) goto fail; if (phdr > 0 && phdr < H2_PHDR_NUM_ENTRIES) { @@ -797,7 +780,7 @@ int h2_make_htx_trailers(struct http_hdr *list, struct htx *htx) * rejecting NUL, CR and LF characters. */ ctl = ist_find_ctl(list[idx].v); - if (unlikely(ctl) && has_forbidden_char(list[idx].v, ctl)) + if (unlikely(ctl) && http_header_has_forbidden_char(list[idx].v, ctl)) goto fail; if (!htx_add_trailer(htx, list[idx].n, list[idx].v))