libsoup r1264 - in trunk: . libsoup



Author: danw
Date: Sun Apr  5 21:53:10 2009
New Revision: 1264
URL: http://svn.gnome.org/viewvc/libsoup?rev=1264&view=rev

Log:
	Don't allow CR/LF in header names or values

	* libsoup/soup-message-headers.c (soup_message_headers_append):
	Don't let the caller create a header with whitespace or ":" in its
	name, or with CR or LF in its value, since that would result in us
	generating syntactically invalid headers.


Modified:
   trunk/ChangeLog
   trunk/libsoup/soup-message-headers.c

Modified: trunk/libsoup/soup-message-headers.c
==============================================================================
--- trunk/libsoup/soup-message-headers.c	(original)
+++ trunk/libsoup/soup-message-headers.c	Sun Apr  5 21:53:10 2009
@@ -146,7 +146,13 @@
  * @name: the header name to add
  * @value: the new value of @name
  *
- * Appends a new header with name @name and value @value to @hdrs.
+ * Appends a new header with name @name and value @value to @hdrs. (If
+ * there is an existing header with name @name, then this creates a
+ * second one, which is only allowed for list-valued headers; see also
+ * soup_message_headers_replace().)
+ *
+ * The caller is expected to make sure that @name and @value are
+ * syntactically correct.
  **/
 void
 soup_message_headers_append (SoupMessageHeaders *hdrs,
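Review bot: The added sentence "The caller is expected to make sure that @name and @value are syntactically correct" states the pre-commit contract, but the body added in the next hunk now rejects such input and returns without appending anything, which callers need to know since the header is then silently absent from the message. I would replace that sentence with ` * A @name containing whitespace, ":", CR or LF, or a @value containing CR or LF, is rejected with a warning and nothing is appended.` The same sentence is added to soup_message_headers_replace() in the third hunk; if replace() delegates to append() (its body is outside this diff) the same wording belongs there too. This hunk ends on the signature line, so the function body lies outside it.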
@@ -158,6 +164,25 @@
 	g_return_if_fail (name != NULL);
 	g_return_if_fail (value != NULL);
 
+	/* Setting a syntactically invalid header name or value is
+	 * considered to be a programming error. However, it can also
+	 * be a security hole, so we want to fail here even if
+	 * compiled with G_DISABLE_CHECKS.
+	 */
+#ifndef G_DISABLE_CHECKS
+	g_return_if_fail (strpbrk (name, " \t\r\n:") == NULL);
+	g_return_if_fail (strpbrk (value, "\r\n") == NULL);
+#else
+	if (strpbrk (name, " \t\r\n:")) {
+		g_warning ("soup_message_headers_append: Ignoring bad name '%s'", name);
+		return;
+	}
+	if (strpbrk (value, "\r\n")) {
+		g_warning ("soup_message_headers_append: Ignoring bad value '%s'", value);
+		return;
+	}
+#endif
+
 	header.name = intern_header_name (name, &setter);
 	header.value = g_strdup (value);
 	g_array_append_val (hdrs->array, header);
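Review bot: An empty name still passes the new guards at L52 and L55, because strpbrk() on "" returns NULL, so a call with name "" would produce a header line with no field-name; the check should also reject `*name == '\0'`. The #else branch additionally echoes the rejected name and value into the log with %s: the value is being rejected precisely because it carries CR/LF, so that writes raw line breaks into the log stream, and header values are frequently credentials (Authorization, Cookie) that should not be logged at all. Since g_warning is not affected by G_DISABLE_CHECKS, one unconditional check avoids the two preprocessor branches with duplicated character sets, and can report only the already-validated name in the bad-value case. This assumes the file already includes <string.h> for strpbrk; if it does not, that include is needed. soup_message_headers_append's signature and the rest of its body lie outside this hunk.
```c
	/* A syntactically invalid name or value is a programming error,
	 * but also a header-injection risk, so reject it even when
	 * compiled with G_DISABLE_CHECKS (g_warning is not disabled by it).
	 * Do not echo the offending string: it carries CR/LF and a value
	 * may be a credential.
	 */
	if (*name == '\0' || strpbrk (name, " \t\r\n:") != NULL) {
		g_warning ("soup_message_headers_append: Ignoring bad header name");
		return;
	}
	if (strpbrk (value, "\r\n") != NULL) {
		g_warning ("soup_message_headers_append: Ignoring bad value for header '%s'", name);
		return;
	}
	/* … unchanged: intern name, g_strdup value, append to hdrs->array … */
```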
@@ -173,7 +198,11 @@
  * @name: the header name to replace
  * @value: the new value of @name
  *
- * Replaces the value of the header @name in @hdrs with @value.
+ * Replaces the value of the header @name in @hdrs with @value. (See
+ * also soup_message_headers_append().)
+ *
+ * The caller is expected to make sure that @name and @value are
+ * syntactically correct.
  **/
 void
 soup_message_headers_replace (SoupMessageHeaders *hdrs,


