From f0579313d31ac7fafe0f05ee55ecb305bc1cbe23 Mon Sep 17 00:00:00 2001 From: Profpatsch Date: Fri, 29 Jan 2021 16:35:02 +0100 Subject: fix(users/Profpatsch/read-http): actually parse ascii There might be exploits since we parsed the headers as utf8 even though we actually want to interpret them as ASCII. This fixes it, by using the ascii crate. Thanks to @sterni for noticing. Change-Id: I50b6a588d99b34e677cb22968cf0dfd8b331d11c Reviewed-on: https://cl.tvl.fyi/c/depot/+/2457 Reviewed-by: Profpatsch Tested-by: BuildkiteCI --- users/Profpatsch/read-http/default.nix | 1 + users/Profpatsch/read-http/read-http.rs | 7 ++++--- 2 files changed, 5 insertions(+), 3 deletions(-) (limited to 'users/Profpatsch/read-http') diff --git a/users/Profpatsch/read-http/default.nix b/users/Profpatsch/read-http/default.nix index 20f8675b3fd4..41fe1c7fedcc 100644 --- a/users/Profpatsch/read-http/default.nix +++ b/users/Profpatsch/read-http/default.nix @@ -6,6 +6,7 @@ let read-http = depot.users.Profpatsch.writers.rustSimple { name = "read-http"; dependencies = [ + depot.users.Profpatsch.rust-crates.ascii depot.users.Profpatsch.rust-crates.httparse depot.users.Profpatsch.netencode.netencode-rs depot.users.Profpatsch.arglib.netencode.rust diff --git a/users/Profpatsch/read-http/read-http.rs b/users/Profpatsch/read-http/read-http.rs index a43bb7d3b20b..ab2c3887d7b5 100644 --- a/users/Profpatsch/read-http/read-http.rs +++ b/users/Profpatsch/read-http/read-http.rs @@ -1,6 +1,7 @@ extern crate httparse; extern crate netencode; extern crate arglib_netencode; +extern crate ascii; use std::os::unix::io::FromRawFd; use std::io::Read; @@ -63,11 +64,11 @@ fn main() -> std::io::Result<()> { fn normalize_headers<'a>(headers: &'a [httparse::Header]) -> Vec<(String, &'a str)> { let mut res = vec![]; for httparse::Header { name, value } in headers { - let val = std::str::from_utf8(*value) - .expect(&format!("read-http: we require header values to be UTF-8 (they should be ASCII), but the header {} was {:?}", name, value)); + let val = ascii::AsciiStr::from_ascii(*value) + .expect(&format!("read-http: we require header values to be ASCII, but the header {} was {:?}", name, value)); // lowercase the headers, since the standard doesn’t care // and we want unique strings to match agains - res.push((name.to_lowercase(), val)) + res.push((name.to_lowercase(), val.as_str())) } res } -- cgit 1.4.1