From b3eb7d172aab6c7f423aea2f97c27099d6b65f7a Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 11 Nov 2019 09:56:23 +0100 Subject: quiche: reject headers in the wrong order Pseudo header MUST come before regular headers or cause an error. Reported-by: Cynthia Coan Fixes #4571 Closes #4584 --- lib/vquic/quiche.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'lib/vquic/quiche.c') diff --git a/lib/vquic/quiche.c b/lib/vquic/quiche.c index 0ee360d07..6f9a72579 100644 --- a/lib/vquic/quiche.c +++ b/lib/vquic/quiche.c @@ -379,6 +379,9 @@ static int cb_each_header(uint8_t *name, size_t name_len, headers->destlen, "HTTP/3 %.*s\n", (int) value_len, value); } + else if(!headers->nlen) { + return CURLE_HTTP3; + } else { msnprintf(headers->dest, headers->destlen, "%.*s: %.*s\n", @@ -433,7 +436,9 @@ static ssize_t h3_stream_recv(struct connectdata *conn, case QUICHE_H3_EVENT_HEADERS: rc = quiche_h3_event_for_each_header(ev, cb_each_header, &headers); if(rc) { - /* what do we do about this? */ + *curlcode = rc; + failf(data, "Error in HTTP/3 response header"); + break; } recvd = headers.nlen; break; -- cgit v1.2.3