BUG/MINOR: http-ext: always check remaining data when reading rfc7239 nodeport

http_7239_extract_nodeport() reads the first byte of the passed string
but the caller doesn't check that it's not empty, which can happen if
passed as 'host="127.0.0.1:"'. In that case the function would read and
return garbage that is present in the buffer after the colon. Let's just
check the remaining length before reading.

This can be backported to 2.8 as it was introduced with commit b2bb9257d2
("MINOR: proxy/http_ext: introduce proxy forwarded option").

diff --git a/src/http_ext.c b/src/http_ext.c
index a5e862d30d19cdbee9a8ae5ede389fef63473b3c..bed876cccf82638fc9ecb9a4edadb5b7e03348a4 100644 (file)
--- a/src/http_ext.c
+++ b/src/http_ext.c
@@ -356,7 +356,7 @@ static inline int http_7239_extract_node(struct ist *input, struct forwarded_hea
        if (!quoted)
                return 0; /* not supported */
        *input = istnext(*input);
-       if (!http_7239_extract_nodeport(input, nodeport))
+       if (!istlen(*input) || !http_7239_extract_nodeport(input, nodeport))
                return 0; /* invalid nodeport */
  out:
        /* ok */