From 84bd79eb221414a40407278ad516a60d40d5705f Mon Sep 17 00:00:00 2001 From: Corentin Machu Date: Fri, 5 Apr 2024 21:31:30 +0200 Subject: [PATCH] fix(http2): Reject uppercase headers --- src/connection/http2.rs | 2 +- src/http2/frames/frame.rs | 2 ++ src/http2/frames/headers.rs | 11 ++++++++++- 3 files changed, 13 insertions(+), 2 deletions(-) diff --git a/src/connection/http2.rs b/src/connection/http2.rs index dad1bcc..c46c049 100644 --- a/src/connection/http2.rs +++ b/src/connection/http2.rs @@ -660,7 +660,7 @@ pub async fn do_connection_loop( // RFC 9113 6.1: `If a DATA frame is received whose Stream // Identifier field is 0x00, the recipient MUST respond with a // connection error` - if frame.stream_identifier == 0 { + if frame.stream_identifier == 0 && frame.length > 0 { return Err(ConnectionError::DataOnStreamZero); } diff --git a/src/http2/frames/frame.rs b/src/http2/frames/frame.rs index 878c24f..e8dba1d 100644 --- a/src/http2/frames/frame.rs +++ b/src/http2/frames/frame.rs @@ -18,6 +18,8 @@ pub enum FrameError { WindowUpdateTooBig, #[error("Frame is too big ({actual} > {max_frame_size})")] FrameTooBig { actual: u32, max_frame_size: u32 }, + #[error("Header frame contains uppercase header")] + UppercaseHeader, // #[error("Continuation frame without header frame")] // ContinuationWithoutHeader, // #[error("Continuation frame but END_HEADERS set")] diff --git a/src/http2/frames/headers.rs b/src/http2/frames/headers.rs index 8457964..130fd3b 100644 --- a/src/http2/frames/headers.rs +++ b/src/http2/frames/headers.rs @@ -66,7 +66,16 @@ impl Headers { headers: hds .into_iter() .map(|(k, v)| (Bytes::from(k), Bytes::from(v))) - .collect(), + .map(|(k, v)| { + if k.iter() + .all(|c| c.is_ascii_uppercase() || c.is_ascii_punctuation()) + { + Err(FrameError::UppercaseHeader) + } else { + Ok((k, v)) + } + }) + .collect::, FrameError>>()?, end_stream: Self::is_end_stream(flags), }), Err(err) => {