From a9f1146b8827855e342834458a71f2367346ace0 Mon Sep 17 00:00:00 2001 From: Paolo Insogna Date: Thu, 22 Sep 2022 13:07:36 +0000 Subject: [PATCH] http: disable chunked encoding when OBS fold is used Reviewed-By: Vladimir de Turckheim Reviewed-By: Matteo Collina PR-URL: https://github.com/nodejs-private/node-private/pull/341 Backport-PR-URL: https://github.com/nodejs-private/node-private/pull/343 CVE-ID: CVE-2022-32213, CVE-2022-35256 --- deps/llhttp/include/llhttp.h | 2 +- deps/llhttp/src/llhttp.c | 448 +++++++++--------- test/parallel/test-http-header-overflow.js | 9 +- .../test-http-missing-header-separator-cr.js | 72 ++- .../test-http-transfer-encoding-smuggling.js | 119 +++-- 5 files changed, 371 insertions(+), 279 deletions(-) diff --git a/deps/llhttp/include/llhttp.h b/deps/llhttp/include/llhttp.h index a361da5a96c914..fe3a927fc6cbb3 100644 --- a/deps/llhttp/include/llhttp.h +++ b/deps/llhttp/include/llhttp.h @@ -3,7 +3,7 @@ #define LLHTTP_VERSION_MAJOR 2 #define LLHTTP_VERSION_MINOR 1 -#define LLHTTP_VERSION_PATCH 5 +#define LLHTTP_VERSION_PATCH 6 #ifndef LLHTTP_STRICT_MODE # define LLHTTP_STRICT_MODE 0 diff --git a/deps/llhttp/src/llhttp.c b/deps/llhttp/src/llhttp.c index 5848169b13e7f3..f5439cbf3e7568 100644 --- a/deps/llhttp/src/llhttp.c +++ b/deps/llhttp/src/llhttp.c @@ -325,8 +325,7 @@ enum llparse_state_e { s_n_llhttp__internal__n_header_value_lws, s_n_llhttp__internal__n_header_value_almost_done, s_n_llhttp__internal__n_header_value_lenient, - s_n_llhttp__internal__n_error_24, - s_n_llhttp__internal__n_header_value_lenient_failed, + s_n_llhttp__internal__n_error_25, s_n_llhttp__internal__n_header_value_otherwise, s_n_llhttp__internal__n_header_value_connection_token, s_n_llhttp__internal__n_header_value_connection_ws, @@ -738,7 +737,7 @@ int llhttp__internal__c_or_flags_6( return 0; } -int llhttp__internal__c_update_header_state_2( +int llhttp__internal__c_update_header_state_3( llhttp__internal_t* state, const unsigned char* p, const unsigned char* endp) { @@ -746,7 +745,7 @@ int llhttp__internal__c_update_header_state_2( return 0; } -int llhttp__internal__c_update_header_state_4( +int llhttp__internal__c_update_header_state_1( llhttp__internal_t* state, const unsigned char* p, const unsigned char* endp) { @@ -754,7 +753,7 @@ int llhttp__internal__c_update_header_state_4( return 0; } -int llhttp__internal__c_update_header_state_5( +int llhttp__internal__c_update_header_state_6( llhttp__internal_t* state, const unsigned char* p, const unsigned char* endp) { @@ -762,7 +761,7 @@ int llhttp__internal__c_update_header_state_5( return 0; } -int llhttp__internal__c_update_header_state_6( +int llhttp__internal__c_update_header_state_7( llhttp__internal_t* state, const unsigned char* p, const unsigned char* endp) { @@ -770,7 +769,7 @@ int llhttp__internal__c_update_header_state_6( return 0; } -int llhttp__internal__c_test_flags_6( +int llhttp__internal__c_test_flags_7( llhttp__internal_t* state, const unsigned char* p, const unsigned char* endp) { @@ -811,7 +810,7 @@ int llhttp__internal__c_or_flags_15( return 0; } -int llhttp__internal__c_test_flags_7( +int llhttp__internal__c_test_flags_8( llhttp__internal_t* state, const unsigned char* p, const unsigned char* endp) { @@ -834,7 +833,7 @@ int llhttp__internal__c_and_flags( return 0; } -int llhttp__internal__c_update_header_state_7( +int llhttp__internal__c_update_header_state_8( llhttp__internal_t* state, const unsigned char* p, const unsigned char* endp) { @@ -1565,7 +1564,7 @@ static llparse_state_t llhttp__internal__run( goto s_n_llhttp__internal__n_header_value_discard_lws; } default: { - goto s_n_llhttp__internal__n_error_22; + goto s_n_llhttp__internal__n_error_23; } } /* UNREACHABLE */; @@ -1578,13 +1577,13 @@ static llparse_state_t llhttp__internal__run( } switch (*p) { case 9: { - goto s_n_llhttp__internal__n_span_start_llhttp__on_header_value_1; + goto s_n_llhttp__internal__n_invoke_load_header_state_3; } case ' ': { - goto s_n_llhttp__internal__n_span_start_llhttp__on_header_value_1; + goto s_n_llhttp__internal__n_invoke_load_header_state_3; } default: { - goto s_n_llhttp__internal__n_invoke_load_header_state_3; + goto s_n_llhttp__internal__n_invoke_load_header_state_4; } } /* UNREACHABLE */; @@ -1601,7 +1600,7 @@ static llparse_state_t llhttp__internal__run( goto s_n_llhttp__internal__n_header_value_lws; } default: { - goto s_n_llhttp__internal__n_error_23; + goto s_n_llhttp__internal__n_error_24; } } /* UNREACHABLE */; @@ -1627,32 +1626,16 @@ static llparse_state_t llhttp__internal__run( /* UNREACHABLE */; abort(); } - case s_n_llhttp__internal__n_error_24: - s_n_llhttp__internal__n_error_24: { - state->error = 0x19; - state->reason = "Missing expected CR after header value"; + case s_n_llhttp__internal__n_error_25: + s_n_llhttp__internal__n_error_25: { + state->error = 0xa; + state->reason = "Invalid header value char"; state->error_pos = (const char*) p; state->_current = (void*) (intptr_t) s_error; return s_error; /* UNREACHABLE */; abort(); } - case s_n_llhttp__internal__n_header_value_lenient_failed: - s_n_llhttp__internal__n_header_value_lenient_failed: { - if (p == endp) { - return s_n_llhttp__internal__n_header_value_lenient_failed; - } - switch (*p) { - case 10: { - goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_2; - } - default: { - goto s_n_llhttp__internal__n_error_25; - } - } - /* UNREACHABLE */; - abort(); - } case s_n_llhttp__internal__n_header_value_otherwise: s_n_llhttp__internal__n_header_value_otherwise: { if (p == endp) { @@ -1663,7 +1646,7 @@ static llparse_state_t llhttp__internal__run( goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_1; } default: { - goto s_n_llhttp__internal__n_invoke_test_flags_5; + goto s_n_llhttp__internal__n_invoke_test_flags_6; } } /* UNREACHABLE */; @@ -1726,10 +1709,10 @@ static llparse_state_t llhttp__internal__run( } case ',': { p++; - goto s_n_llhttp__internal__n_invoke_load_header_state_4; + goto s_n_llhttp__internal__n_invoke_load_header_state_5; } default: { - goto s_n_llhttp__internal__n_invoke_update_header_state_4; + goto s_n_llhttp__internal__n_invoke_update_header_state_5; } } /* UNREACHABLE */; @@ -1747,7 +1730,7 @@ static llparse_state_t llhttp__internal__run( switch (match_seq.status) { case kMatchComplete: { p++; - goto s_n_llhttp__internal__n_invoke_update_header_state_2; + goto s_n_llhttp__internal__n_invoke_update_header_state_3; } case kMatchPause: { return s_n_llhttp__internal__n_header_value_connection_1; @@ -1771,7 +1754,7 @@ static llparse_state_t llhttp__internal__run( switch (match_seq.status) { case kMatchComplete: { p++; - goto s_n_llhttp__internal__n_invoke_update_header_state_5; + goto s_n_llhttp__internal__n_invoke_update_header_state_6; } case kMatchPause: { return s_n_llhttp__internal__n_header_value_connection_2; @@ -1795,7 +1778,7 @@ static llparse_state_t llhttp__internal__run( switch (match_seq.status) { case kMatchComplete: { p++; - goto s_n_llhttp__internal__n_invoke_update_header_state_6; + goto s_n_llhttp__internal__n_invoke_update_header_state_7; } case kMatchPause: { return s_n_llhttp__internal__n_header_value_connection_3; @@ -2079,7 +2062,7 @@ static llparse_state_t llhttp__internal__run( goto s_n_llhttp__internal__n_header_value_te_token_ows; } default: { - goto s_n_llhttp__internal__n_invoke_update_header_state_8; + goto s_n_llhttp__internal__n_invoke_update_header_state_9; } } /* UNREACHABLE */; @@ -2092,10 +2075,10 @@ static llparse_state_t llhttp__internal__run( } switch (*p) { case 10: { - goto s_n_llhttp__internal__n_invoke_update_header_state_7; + goto s_n_llhttp__internal__n_invoke_update_header_state_8; } case 13: { - goto s_n_llhttp__internal__n_invoke_update_header_state_7; + goto s_n_llhttp__internal__n_invoke_update_header_state_8; } case ' ': { p++; @@ -2158,7 +2141,7 @@ static llparse_state_t llhttp__internal__run( } case 10: { p++; - goto s_n_llhttp__internal__n_header_value_discard_lws; + goto s_n_llhttp__internal__n_invoke_test_flags_5; } case 13: { p++; @@ -2275,7 +2258,7 @@ static llparse_state_t llhttp__internal__run( goto s_n_llhttp__internal__n_span_end_llhttp__on_header_field_1; } default: { - goto s_n_llhttp__internal__n_invoke_update_header_state_9; + goto s_n_llhttp__internal__n_invoke_update_header_state_10; } } /* UNREACHABLE */; @@ -2300,7 +2283,7 @@ static llparse_state_t llhttp__internal__run( return s_n_llhttp__internal__n_header_field_3; } case kMatchMismatch: { - goto s_n_llhttp__internal__n_invoke_update_header_state_10; + goto s_n_llhttp__internal__n_invoke_update_header_state_11; } } /* UNREACHABLE */; @@ -2325,7 +2308,7 @@ static llparse_state_t llhttp__internal__run( return s_n_llhttp__internal__n_header_field_4; } case kMatchMismatch: { - goto s_n_llhttp__internal__n_invoke_update_header_state_10; + goto s_n_llhttp__internal__n_invoke_update_header_state_11; } } /* UNREACHABLE */; @@ -2346,7 +2329,7 @@ static llparse_state_t llhttp__internal__run( goto s_n_llhttp__internal__n_header_field_4; } default: { - goto s_n_llhttp__internal__n_invoke_update_header_state_10; + goto s_n_llhttp__internal__n_invoke_update_header_state_11; } } /* UNREACHABLE */; @@ -2370,7 +2353,7 @@ static llparse_state_t llhttp__internal__run( return s_n_llhttp__internal__n_header_field_1; } case kMatchMismatch: { - goto s_n_llhttp__internal__n_invoke_update_header_state_10; + goto s_n_llhttp__internal__n_invoke_update_header_state_11; } } /* UNREACHABLE */; @@ -2395,7 +2378,7 @@ static llparse_state_t llhttp__internal__run( return s_n_llhttp__internal__n_header_field_5; } case kMatchMismatch: { - goto s_n_llhttp__internal__n_invoke_update_header_state_10; + goto s_n_llhttp__internal__n_invoke_update_header_state_11; } } /* UNREACHABLE */; @@ -2420,7 +2403,7 @@ static llparse_state_t llhttp__internal__run( return s_n_llhttp__internal__n_header_field_6; } case kMatchMismatch: { - goto s_n_llhttp__internal__n_invoke_update_header_state_10; + goto s_n_llhttp__internal__n_invoke_update_header_state_11; } } /* UNREACHABLE */; @@ -2445,7 +2428,7 @@ static llparse_state_t llhttp__internal__run( return s_n_llhttp__internal__n_header_field_7; } case kMatchMismatch: { - goto s_n_llhttp__internal__n_invoke_update_header_state_10; + goto s_n_llhttp__internal__n_invoke_update_header_state_11; } } /* UNREACHABLE */; @@ -2474,7 +2457,7 @@ static llparse_state_t llhttp__internal__run( goto s_n_llhttp__internal__n_header_field_7; } default: { - goto s_n_llhttp__internal__n_invoke_update_header_state_10; + goto s_n_llhttp__internal__n_invoke_update_header_state_11; } } /* UNREACHABLE */; @@ -5712,7 +5695,7 @@ static llparse_state_t llhttp__internal__run( /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_error_21: { + s_n_llhttp__internal__n_error_22: { state->error = 0xb; state->reason = "Empty Content-Length"; state->error_pos = (const char*) p; @@ -5797,14 +5780,33 @@ static llparse_state_t llhttp__internal__run( s_n_llhttp__internal__n_invoke_load_header_state: { switch (llhttp__internal__c_load_header_state(state, p, endp)) { case 2: - goto s_n_llhttp__internal__n_error_21; + goto s_n_llhttp__internal__n_error_22; default: goto s_n_llhttp__internal__n_invoke_load_header_state_1; } /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_error_22: { + s_n_llhttp__internal__n_error_21: { + state->error = 0xa; + state->reason = "Invalid header value char"; + state->error_pos = (const char*) p; + state->_current = (void*) (intptr_t) s_error; + return s_error; + /* UNREACHABLE */; + abort(); + } + s_n_llhttp__internal__n_invoke_test_flags_5: { + switch (llhttp__internal__c_test_flags_2(state, p, endp)) { + case 1: + goto s_n_llhttp__internal__n_header_value_discard_lws; + default: + goto s_n_llhttp__internal__n_error_21; + } + /* UNREACHABLE */; + abort(); + } + s_n_llhttp__internal__n_error_23: { state->error = 0x2; state->reason = "Expected LF after CR"; state->error_pos = (const char*) p; @@ -5814,6 +5816,24 @@ static llparse_state_t llhttp__internal__run( abort(); } s_n_llhttp__internal__n_invoke_update_header_state_1: { + switch (llhttp__internal__c_update_header_state_1(state, p, endp)) { + default: + goto s_n_llhttp__internal__n_span_start_llhttp__on_header_value_1; + } + /* UNREACHABLE */; + abort(); + } + s_n_llhttp__internal__n_invoke_load_header_state_3: { + switch (llhttp__internal__c_load_header_state(state, p, endp)) { + case 8: + goto s_n_llhttp__internal__n_invoke_update_header_state_1; + default: + goto s_n_llhttp__internal__n_span_start_llhttp__on_header_value_1; + } + /* UNREACHABLE */; + abort(); + } + s_n_llhttp__internal__n_invoke_update_header_state_2: { switch (llhttp__internal__c_update_header_state(state, p, endp)) { default: goto s_n_llhttp__internal__n_header_field_start; @@ -5824,7 +5844,7 @@ static llparse_state_t llhttp__internal__run( s_n_llhttp__internal__n_invoke_or_flags_7: { switch (llhttp__internal__c_or_flags_3(state, p, endp)) { default: - goto s_n_llhttp__internal__n_invoke_update_header_state_1; + goto s_n_llhttp__internal__n_invoke_update_header_state_2; } /* UNREACHABLE */; abort(); @@ -5832,7 +5852,7 @@ static llparse_state_t llhttp__internal__run( s_n_llhttp__internal__n_invoke_or_flags_8: { switch (llhttp__internal__c_or_flags_4(state, p, endp)) { default: - goto s_n_llhttp__internal__n_invoke_update_header_state_1; + goto s_n_llhttp__internal__n_invoke_update_header_state_2; } /* UNREACHABLE */; abort(); @@ -5840,7 +5860,7 @@ static llparse_state_t llhttp__internal__run( s_n_llhttp__internal__n_invoke_or_flags_9: { switch (llhttp__internal__c_or_flags_5(state, p, endp)) { default: - goto s_n_llhttp__internal__n_invoke_update_header_state_1; + goto s_n_llhttp__internal__n_invoke_update_header_state_2; } /* UNREACHABLE */; abort(); @@ -5853,7 +5873,7 @@ static llparse_state_t llhttp__internal__run( /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_invoke_load_header_state_3: { + s_n_llhttp__internal__n_invoke_load_header_state_4: { switch (llhttp__internal__c_load_header_state(state, p, endp)) { case 5: goto s_n_llhttp__internal__n_invoke_or_flags_7; @@ -5869,7 +5889,7 @@ static llparse_state_t llhttp__internal__run( /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_error_23: { + s_n_llhttp__internal__n_error_24: { state->error = 0x3; state->reason = "Missing expected LF after header value"; state->error_pos = (const char*) p; @@ -5940,35 +5960,25 @@ static llparse_state_t llhttp__internal__run( err = llhttp__on_header_value(state, start, p); if (err != 0) { state->error = err; - state->error_pos = (const char*) (p + 1); - state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_24; + state->error_pos = (const char*) p; + state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_25; return s_error; } - p++; - goto s_n_llhttp__internal__n_error_24; - /* UNREACHABLE */; - abort(); - } - s_n_llhttp__internal__n_error_25: { - state->error = 0xa; - state->reason = "Invalid header value char"; - state->error_pos = (const char*) p; - state->_current = (void*) (intptr_t) s_error; - return s_error; + goto s_n_llhttp__internal__n_error_25; /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_invoke_test_flags_5: { + s_n_llhttp__internal__n_invoke_test_flags_6: { switch (llhttp__internal__c_test_flags_2(state, p, endp)) { case 1: goto s_n_llhttp__internal__n_header_value_lenient; default: - goto s_n_llhttp__internal__n_header_value_lenient_failed; + goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_2; } /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_invoke_update_header_state_3: { + s_n_llhttp__internal__n_invoke_update_header_state_4: { switch (llhttp__internal__c_update_header_state(state, p, endp)) { default: goto s_n_llhttp__internal__n_header_value_connection; @@ -5979,7 +5989,7 @@ static llparse_state_t llhttp__internal__run( s_n_llhttp__internal__n_invoke_or_flags_11: { switch (llhttp__internal__c_or_flags_3(state, p, endp)) { default: - goto s_n_llhttp__internal__n_invoke_update_header_state_3; + goto s_n_llhttp__internal__n_invoke_update_header_state_4; } /* UNREACHABLE */; abort(); @@ -5987,7 +5997,7 @@ static llparse_state_t llhttp__internal__run( s_n_llhttp__internal__n_invoke_or_flags_12: { switch (llhttp__internal__c_or_flags_4(state, p, endp)) { default: - goto s_n_llhttp__internal__n_invoke_update_header_state_3; + goto s_n_llhttp__internal__n_invoke_update_header_state_4; } /* UNREACHABLE */; abort(); @@ -5995,7 +6005,7 @@ static llparse_state_t llhttp__internal__run( s_n_llhttp__internal__n_invoke_or_flags_13: { switch (llhttp__internal__c_or_flags_5(state, p, endp)) { default: - goto s_n_llhttp__internal__n_invoke_update_header_state_3; + goto s_n_llhttp__internal__n_invoke_update_header_state_4; } /* UNREACHABLE */; abort(); @@ -6008,7 +6018,7 @@ static llparse_state_t llhttp__internal__run( /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_invoke_load_header_state_4: { + s_n_llhttp__internal__n_invoke_load_header_state_5: { switch (llhttp__internal__c_load_header_state(state, p, endp)) { case 5: goto s_n_llhttp__internal__n_invoke_or_flags_11; @@ -6024,32 +6034,32 @@ static llparse_state_t llhttp__internal__run( /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_invoke_update_header_state_4: { - switch (llhttp__internal__c_update_header_state_4(state, p, endp)) { + s_n_llhttp__internal__n_invoke_update_header_state_5: { + switch (llhttp__internal__c_update_header_state_1(state, p, endp)) { default: goto s_n_llhttp__internal__n_header_value_connection_token; } /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_invoke_update_header_state_2: { - switch (llhttp__internal__c_update_header_state_2(state, p, endp)) { + s_n_llhttp__internal__n_invoke_update_header_state_3: { + switch (llhttp__internal__c_update_header_state_3(state, p, endp)) { default: goto s_n_llhttp__internal__n_header_value_connection_ws; } /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_invoke_update_header_state_5: { - switch (llhttp__internal__c_update_header_state_5(state, p, endp)) { + s_n_llhttp__internal__n_invoke_update_header_state_6: { + switch (llhttp__internal__c_update_header_state_6(state, p, endp)) { default: goto s_n_llhttp__internal__n_header_value_connection_ws; } /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_invoke_update_header_state_6: { - switch (llhttp__internal__c_update_header_state_6(state, p, endp)) { + s_n_llhttp__internal__n_invoke_update_header_state_7: { + switch (llhttp__internal__c_update_header_state_7(state, p, endp)) { default: goto s_n_llhttp__internal__n_header_value_connection_ws; } @@ -6117,8 +6127,8 @@ static llparse_state_t llhttp__internal__run( /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_invoke_test_flags_6: { - switch (llhttp__internal__c_test_flags_6(state, p, endp)) { + s_n_llhttp__internal__n_invoke_test_flags_7: { + switch (llhttp__internal__c_test_flags_7(state, p, endp)) { case 0: goto s_n_llhttp__internal__n_header_value_content_length; default: @@ -6145,8 +6155,8 @@ static llparse_state_t llhttp__internal__run( /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_invoke_update_header_state_7: { - switch (llhttp__internal__c_update_header_state_7(state, p, endp)) { + s_n_llhttp__internal__n_invoke_update_header_state_8: { + switch (llhttp__internal__c_update_header_state_8(state, p, endp)) { default: goto s_n_llhttp__internal__n_header_value_otherwise; } @@ -6171,7 +6181,7 @@ static llparse_state_t llhttp__internal__run( /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_invoke_test_flags_8: { + s_n_llhttp__internal__n_invoke_test_flags_9: { switch (llhttp__internal__c_test_flags_2(state, p, endp)) { case 0: goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_7; @@ -6184,15 +6194,15 @@ static llparse_state_t llhttp__internal__run( s_n_llhttp__internal__n_invoke_load_type_1: { switch (llhttp__internal__c_load_type(state, p, endp)) { case 1: - goto s_n_llhttp__internal__n_invoke_test_flags_8; + goto s_n_llhttp__internal__n_invoke_test_flags_9; default: goto s_n_llhttp__internal__n_header_value_te_chunked; } /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_invoke_update_header_state_8: { - switch (llhttp__internal__c_update_header_state_4(state, p, endp)) { + s_n_llhttp__internal__n_invoke_update_header_state_9: { + switch (llhttp__internal__c_update_header_state_1(state, p, endp)) { default: goto s_n_llhttp__internal__n_header_value; } @@ -6215,7 +6225,7 @@ static llparse_state_t llhttp__internal__run( /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_invoke_test_flags_9: { + s_n_llhttp__internal__n_invoke_test_flags_10: { switch (llhttp__internal__c_test_flags_2(state, p, endp)) { case 0: goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_8; @@ -6228,7 +6238,7 @@ static llparse_state_t llhttp__internal__run( s_n_llhttp__internal__n_invoke_load_type_2: { switch (llhttp__internal__c_load_type(state, p, endp)) { case 1: - goto s_n_llhttp__internal__n_invoke_test_flags_9; + goto s_n_llhttp__internal__n_invoke_test_flags_10; default: goto s_n_llhttp__internal__n_invoke_or_flags_17; } @@ -6243,8 +6253,8 @@ static llparse_state_t llhttp__internal__run( /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_invoke_test_flags_7: { - switch (llhttp__internal__c_test_flags_7(state, p, endp)) { + s_n_llhttp__internal__n_invoke_test_flags_8: { + switch (llhttp__internal__c_test_flags_8(state, p, endp)) { case 1: goto s_n_llhttp__internal__n_invoke_load_type_2; default: @@ -6256,7 +6266,7 @@ static llparse_state_t llhttp__internal__run( s_n_llhttp__internal__n_invoke_or_flags_18: { switch (llhttp__internal__c_or_flags_18(state, p, endp)) { default: - goto s_n_llhttp__internal__n_invoke_update_header_state_8; + goto s_n_llhttp__internal__n_invoke_update_header_state_9; } /* UNREACHABLE */; abort(); @@ -6266,9 +6276,9 @@ static llparse_state_t llhttp__internal__run( case 1: goto s_n_llhttp__internal__n_header_value_connection; case 2: - goto s_n_llhttp__internal__n_invoke_test_flags_6; - case 3: goto s_n_llhttp__internal__n_invoke_test_flags_7; + case 3: + goto s_n_llhttp__internal__n_invoke_test_flags_8; case 4: goto s_n_llhttp__internal__n_invoke_or_flags_18; default: @@ -6322,8 +6332,8 @@ static llparse_state_t llhttp__internal__run( /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_invoke_update_header_state_9: { - switch (llhttp__internal__c_update_header_state_4(state, p, endp)) { + s_n_llhttp__internal__n_invoke_update_header_state_10: { + switch (llhttp__internal__c_update_header_state_1(state, p, endp)) { default: goto s_n_llhttp__internal__n_header_field_general; } @@ -6338,8 +6348,8 @@ static llparse_state_t llhttp__internal__run( /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_invoke_update_header_state_10: { - switch (llhttp__internal__c_update_header_state_4(state, p, endp)) { + s_n_llhttp__internal__n_invoke_update_header_state_11: { + switch (llhttp__internal__c_update_header_state_1(state, p, endp)) { default: goto s_n_llhttp__internal__n_header_field_general; } @@ -7413,8 +7423,7 @@ enum llparse_state_e { s_n_llhttp__internal__n_header_value_lws, s_n_llhttp__internal__n_header_value_almost_done, s_n_llhttp__internal__n_header_value_lenient, - s_n_llhttp__internal__n_error_18, - s_n_llhttp__internal__n_header_value_lenient_failed, + s_n_llhttp__internal__n_error_19, s_n_llhttp__internal__n_header_value_otherwise, s_n_llhttp__internal__n_header_value_connection_token, s_n_llhttp__internal__n_header_value_connection_ws, @@ -7821,7 +7830,7 @@ int llhttp__internal__c_or_flags_6( return 0; } -int llhttp__internal__c_update_header_state_2( +int llhttp__internal__c_update_header_state_3( llhttp__internal_t* state, const unsigned char* p, const unsigned char* endp) { @@ -7829,7 +7838,7 @@ int llhttp__internal__c_update_header_state_2( return 0; } -int llhttp__internal__c_update_header_state_4( +int llhttp__internal__c_update_header_state_1( llhttp__internal_t* state, const unsigned char* p, const unsigned char* endp) { @@ -7837,7 +7846,7 @@ int llhttp__internal__c_update_header_state_4( return 0; } -int llhttp__internal__c_update_header_state_5( +int llhttp__internal__c_update_header_state_6( llhttp__internal_t* state, const unsigned char* p, const unsigned char* endp) { @@ -7845,7 +7854,7 @@ int llhttp__internal__c_update_header_state_5( return 0; } -int llhttp__internal__c_update_header_state_6( +int llhttp__internal__c_update_header_state_7( llhttp__internal_t* state, const unsigned char* p, const unsigned char* endp) { @@ -7853,7 +7862,7 @@ int llhttp__internal__c_update_header_state_6( return 0; } -int llhttp__internal__c_test_flags_6( +int llhttp__internal__c_test_flags_7( llhttp__internal_t* state, const unsigned char* p, const unsigned char* endp) { @@ -7894,7 +7903,7 @@ int llhttp__internal__c_or_flags_15( return 0; } -int llhttp__internal__c_test_flags_7( +int llhttp__internal__c_test_flags_8( llhttp__internal_t* state, const unsigned char* p, const unsigned char* endp) { @@ -7917,7 +7926,7 @@ int llhttp__internal__c_and_flags( return 0; } -int llhttp__internal__c_update_header_state_7( +int llhttp__internal__c_update_header_state_8( llhttp__internal_t* state, const unsigned char* p, const unsigned char* endp) { @@ -8612,13 +8621,13 @@ static llparse_state_t llhttp__internal__run( } switch (*p) { case 9: { - goto s_n_llhttp__internal__n_span_start_llhttp__on_header_value_1; + goto s_n_llhttp__internal__n_invoke_load_header_state_3; } case ' ': { - goto s_n_llhttp__internal__n_span_start_llhttp__on_header_value_1; + goto s_n_llhttp__internal__n_invoke_load_header_state_3; } default: { - goto s_n_llhttp__internal__n_invoke_load_header_state_3; + goto s_n_llhttp__internal__n_invoke_load_header_state_4; } } /* UNREACHABLE */; @@ -8635,7 +8644,7 @@ static llparse_state_t llhttp__internal__run( goto s_n_llhttp__internal__n_header_value_lws; } default: { - goto s_n_llhttp__internal__n_error_17; + goto s_n_llhttp__internal__n_error_18; } } /* UNREACHABLE */; @@ -8661,32 +8670,16 @@ static llparse_state_t llhttp__internal__run( /* UNREACHABLE */; abort(); } - case s_n_llhttp__internal__n_error_18: - s_n_llhttp__internal__n_error_18: { - state->error = 0x19; - state->reason = "Missing expected CR after header value"; + case s_n_llhttp__internal__n_error_19: + s_n_llhttp__internal__n_error_19: { + state->error = 0xa; + state->reason = "Invalid header value char"; state->error_pos = (const char*) p; state->_current = (void*) (intptr_t) s_error; return s_error; /* UNREACHABLE */; abort(); } - case s_n_llhttp__internal__n_header_value_lenient_failed: - s_n_llhttp__internal__n_header_value_lenient_failed: { - if (p == endp) { - return s_n_llhttp__internal__n_header_value_lenient_failed; - } - switch (*p) { - case 10: { - goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_2; - } - default: { - goto s_n_llhttp__internal__n_error_19; - } - } - /* UNREACHABLE */; - abort(); - } case s_n_llhttp__internal__n_header_value_otherwise: s_n_llhttp__internal__n_header_value_otherwise: { if (p == endp) { @@ -8697,7 +8690,7 @@ static llparse_state_t llhttp__internal__run( goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_1; } default: { - goto s_n_llhttp__internal__n_invoke_test_flags_5; + goto s_n_llhttp__internal__n_invoke_test_flags_6; } } /* UNREACHABLE */; @@ -8760,10 +8753,10 @@ static llparse_state_t llhttp__internal__run( } case ',': { p++; - goto s_n_llhttp__internal__n_invoke_load_header_state_4; + goto s_n_llhttp__internal__n_invoke_load_header_state_5; } default: { - goto s_n_llhttp__internal__n_invoke_update_header_state_4; + goto s_n_llhttp__internal__n_invoke_update_header_state_5; } } /* UNREACHABLE */; @@ -8781,7 +8774,7 @@ static llparse_state_t llhttp__internal__run( switch (match_seq.status) { case kMatchComplete: { p++; - goto s_n_llhttp__internal__n_invoke_update_header_state_2; + goto s_n_llhttp__internal__n_invoke_update_header_state_3; } case kMatchPause: { return s_n_llhttp__internal__n_header_value_connection_1; @@ -8805,7 +8798,7 @@ static llparse_state_t llhttp__internal__run( switch (match_seq.status) { case kMatchComplete: { p++; - goto s_n_llhttp__internal__n_invoke_update_header_state_5; + goto s_n_llhttp__internal__n_invoke_update_header_state_6; } case kMatchPause: { return s_n_llhttp__internal__n_header_value_connection_2; @@ -8829,7 +8822,7 @@ static llparse_state_t llhttp__internal__run( switch (match_seq.status) { case kMatchComplete: { p++; - goto s_n_llhttp__internal__n_invoke_update_header_state_6; + goto s_n_llhttp__internal__n_invoke_update_header_state_7; } case kMatchPause: { return s_n_llhttp__internal__n_header_value_connection_3; @@ -9113,7 +9106,7 @@ static llparse_state_t llhttp__internal__run( goto s_n_llhttp__internal__n_header_value_te_token_ows; } default: { - goto s_n_llhttp__internal__n_invoke_update_header_state_8; + goto s_n_llhttp__internal__n_invoke_update_header_state_9; } } /* UNREACHABLE */; @@ -9126,10 +9119,10 @@ static llparse_state_t llhttp__internal__run( } switch (*p) { case 10: { - goto s_n_llhttp__internal__n_invoke_update_header_state_7; + goto s_n_llhttp__internal__n_invoke_update_header_state_8; } case 13: { - goto s_n_llhttp__internal__n_invoke_update_header_state_7; + goto s_n_llhttp__internal__n_invoke_update_header_state_8; } case ' ': { p++; @@ -9192,7 +9185,7 @@ static llparse_state_t llhttp__internal__run( } case 10: { p++; - goto s_n_llhttp__internal__n_header_value_discard_lws; + goto s_n_llhttp__internal__n_invoke_test_flags_5; } case 13: { p++; @@ -9309,7 +9302,7 @@ static llparse_state_t llhttp__internal__run( goto s_n_llhttp__internal__n_span_end_llhttp__on_header_field_1; } default: { - goto s_n_llhttp__internal__n_invoke_update_header_state_9; + goto s_n_llhttp__internal__n_invoke_update_header_state_10; } } /* UNREACHABLE */; @@ -9334,7 +9327,7 @@ static llparse_state_t llhttp__internal__run( return s_n_llhttp__internal__n_header_field_3; } case kMatchMismatch: { - goto s_n_llhttp__internal__n_invoke_update_header_state_10; + goto s_n_llhttp__internal__n_invoke_update_header_state_11; } } /* UNREACHABLE */; @@ -9359,7 +9352,7 @@ static llparse_state_t llhttp__internal__run( return s_n_llhttp__internal__n_header_field_4; } case kMatchMismatch: { - goto s_n_llhttp__internal__n_invoke_update_header_state_10; + goto s_n_llhttp__internal__n_invoke_update_header_state_11; } } /* UNREACHABLE */; @@ -9380,7 +9373,7 @@ static llparse_state_t llhttp__internal__run( goto s_n_llhttp__internal__n_header_field_4; } default: { - goto s_n_llhttp__internal__n_invoke_update_header_state_10; + goto s_n_llhttp__internal__n_invoke_update_header_state_11; } } /* UNREACHABLE */; @@ -9404,7 +9397,7 @@ static llparse_state_t llhttp__internal__run( return s_n_llhttp__internal__n_header_field_1; } case kMatchMismatch: { - goto s_n_llhttp__internal__n_invoke_update_header_state_10; + goto s_n_llhttp__internal__n_invoke_update_header_state_11; } } /* UNREACHABLE */; @@ -9429,7 +9422,7 @@ static llparse_state_t llhttp__internal__run( return s_n_llhttp__internal__n_header_field_5; } case kMatchMismatch: { - goto s_n_llhttp__internal__n_invoke_update_header_state_10; + goto s_n_llhttp__internal__n_invoke_update_header_state_11; } } /* UNREACHABLE */; @@ -9454,7 +9447,7 @@ static llparse_state_t llhttp__internal__run( return s_n_llhttp__internal__n_header_field_6; } case kMatchMismatch: { - goto s_n_llhttp__internal__n_invoke_update_header_state_10; + goto s_n_llhttp__internal__n_invoke_update_header_state_11; } } /* UNREACHABLE */; @@ -9479,7 +9472,7 @@ static llparse_state_t llhttp__internal__run( return s_n_llhttp__internal__n_header_field_7; } case kMatchMismatch: { - goto s_n_llhttp__internal__n_invoke_update_header_state_10; + goto s_n_llhttp__internal__n_invoke_update_header_state_11; } } /* UNREACHABLE */; @@ -9508,7 +9501,7 @@ static llparse_state_t llhttp__internal__run( goto s_n_llhttp__internal__n_header_field_7; } default: { - goto s_n_llhttp__internal__n_invoke_update_header_state_10; + goto s_n_llhttp__internal__n_invoke_update_header_state_11; } } /* UNREACHABLE */; @@ -12540,7 +12533,7 @@ static llparse_state_t llhttp__internal__run( /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_error_16: { + s_n_llhttp__internal__n_error_17: { state->error = 0xb; state->reason = "Empty Content-Length"; state->error_pos = (const char*) p; @@ -12625,14 +12618,51 @@ static llparse_state_t llhttp__internal__run( s_n_llhttp__internal__n_invoke_load_header_state: { switch (llhttp__internal__c_load_header_state(state, p, endp)) { case 2: - goto s_n_llhttp__internal__n_error_16; + goto s_n_llhttp__internal__n_error_17; default: goto s_n_llhttp__internal__n_invoke_load_header_state_1; } /* UNREACHABLE */; abort(); } + s_n_llhttp__internal__n_error_16: { + state->error = 0xa; + state->reason = "Invalid header value char"; + state->error_pos = (const char*) p; + state->_current = (void*) (intptr_t) s_error; + return s_error; + /* UNREACHABLE */; + abort(); + } + s_n_llhttp__internal__n_invoke_test_flags_5: { + switch (llhttp__internal__c_test_flags_2(state, p, endp)) { + case 1: + goto s_n_llhttp__internal__n_header_value_discard_lws; + default: + goto s_n_llhttp__internal__n_error_16; + } + /* UNREACHABLE */; + abort(); + } s_n_llhttp__internal__n_invoke_update_header_state_1: { + switch (llhttp__internal__c_update_header_state_1(state, p, endp)) { + default: + goto s_n_llhttp__internal__n_span_start_llhttp__on_header_value_1; + } + /* UNREACHABLE */; + abort(); + } + s_n_llhttp__internal__n_invoke_load_header_state_3: { + switch (llhttp__internal__c_load_header_state(state, p, endp)) { + case 8: + goto s_n_llhttp__internal__n_invoke_update_header_state_1; + default: + goto s_n_llhttp__internal__n_span_start_llhttp__on_header_value_1; + } + /* UNREACHABLE */; + abort(); + } + s_n_llhttp__internal__n_invoke_update_header_state_2: { switch (llhttp__internal__c_update_header_state(state, p, endp)) { default: goto s_n_llhttp__internal__n_header_field_start; @@ -12643,7 +12673,7 @@ static llparse_state_t llhttp__internal__run( s_n_llhttp__internal__n_invoke_or_flags_7: { switch (llhttp__internal__c_or_flags_3(state, p, endp)) { default: - goto s_n_llhttp__internal__n_invoke_update_header_state_1; + goto s_n_llhttp__internal__n_invoke_update_header_state_2; } /* UNREACHABLE */; abort(); @@ -12651,7 +12681,7 @@ static llparse_state_t llhttp__internal__run( s_n_llhttp__internal__n_invoke_or_flags_8: { switch (llhttp__internal__c_or_flags_4(state, p, endp)) { default: - goto s_n_llhttp__internal__n_invoke_update_header_state_1; + goto s_n_llhttp__internal__n_invoke_update_header_state_2; } /* UNREACHABLE */; abort(); @@ -12659,7 +12689,7 @@ static llparse_state_t llhttp__internal__run( s_n_llhttp__internal__n_invoke_or_flags_9: { switch (llhttp__internal__c_or_flags_5(state, p, endp)) { default: - goto s_n_llhttp__internal__n_invoke_update_header_state_1; + goto s_n_llhttp__internal__n_invoke_update_header_state_2; } /* UNREACHABLE */; abort(); @@ -12672,7 +12702,7 @@ static llparse_state_t llhttp__internal__run( /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_invoke_load_header_state_3: { + s_n_llhttp__internal__n_invoke_load_header_state_4: { switch (llhttp__internal__c_load_header_state(state, p, endp)) { case 5: goto s_n_llhttp__internal__n_invoke_or_flags_7; @@ -12688,7 +12718,7 @@ static llparse_state_t llhttp__internal__run( /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_error_17: { + s_n_llhttp__internal__n_error_18: { state->error = 0x3; state->reason = "Missing expected LF after header value"; state->error_pos = (const char*) p; @@ -12759,35 +12789,25 @@ static llparse_state_t llhttp__internal__run( err = llhttp__on_header_value(state, start, p); if (err != 0) { state->error = err; - state->error_pos = (const char*) (p + 1); - state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_18; + state->error_pos = (const char*) p; + state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_19; return s_error; } - p++; - goto s_n_llhttp__internal__n_error_18; - /* UNREACHABLE */; - abort(); - } - s_n_llhttp__internal__n_error_19: { - state->error = 0xa; - state->reason = "Invalid header value char"; - state->error_pos = (const char*) p; - state->_current = (void*) (intptr_t) s_error; - return s_error; + goto s_n_llhttp__internal__n_error_19; /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_invoke_test_flags_5: { + s_n_llhttp__internal__n_invoke_test_flags_6: { switch (llhttp__internal__c_test_flags_2(state, p, endp)) { case 1: goto s_n_llhttp__internal__n_header_value_lenient; default: - goto s_n_llhttp__internal__n_header_value_lenient_failed; + goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_2; } /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_invoke_update_header_state_3: { + s_n_llhttp__internal__n_invoke_update_header_state_4: { switch (llhttp__internal__c_update_header_state(state, p, endp)) { default: goto s_n_llhttp__internal__n_header_value_connection; @@ -12798,7 +12818,7 @@ static llparse_state_t llhttp__internal__run( s_n_llhttp__internal__n_invoke_or_flags_11: { switch (llhttp__internal__c_or_flags_3(state, p, endp)) { default: - goto s_n_llhttp__internal__n_invoke_update_header_state_3; + goto s_n_llhttp__internal__n_invoke_update_header_state_4; } /* UNREACHABLE */; abort(); @@ -12806,7 +12826,7 @@ static llparse_state_t llhttp__internal__run( s_n_llhttp__internal__n_invoke_or_flags_12: { switch (llhttp__internal__c_or_flags_4(state, p, endp)) { default: - goto s_n_llhttp__internal__n_invoke_update_header_state_3; + goto s_n_llhttp__internal__n_invoke_update_header_state_4; } /* UNREACHABLE */; abort(); @@ -12814,7 +12834,7 @@ static llparse_state_t llhttp__internal__run( s_n_llhttp__internal__n_invoke_or_flags_13: { switch (llhttp__internal__c_or_flags_5(state, p, endp)) { default: - goto s_n_llhttp__internal__n_invoke_update_header_state_3; + goto s_n_llhttp__internal__n_invoke_update_header_state_4; } /* UNREACHABLE */; abort(); @@ -12827,7 +12847,7 @@ static llparse_state_t llhttp__internal__run( /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_invoke_load_header_state_4: { + s_n_llhttp__internal__n_invoke_load_header_state_5: { switch (llhttp__internal__c_load_header_state(state, p, endp)) { case 5: goto s_n_llhttp__internal__n_invoke_or_flags_11; @@ -12843,32 +12863,32 @@ static llparse_state_t llhttp__internal__run( /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_invoke_update_header_state_4: { - switch (llhttp__internal__c_update_header_state_4(state, p, endp)) { + s_n_llhttp__internal__n_invoke_update_header_state_5: { + switch (llhttp__internal__c_update_header_state_1(state, p, endp)) { default: goto s_n_llhttp__internal__n_header_value_connection_token; } /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_invoke_update_header_state_2: { - switch (llhttp__internal__c_update_header_state_2(state, p, endp)) { + s_n_llhttp__internal__n_invoke_update_header_state_3: { + switch (llhttp__internal__c_update_header_state_3(state, p, endp)) { default: goto s_n_llhttp__internal__n_header_value_connection_ws; } /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_invoke_update_header_state_5: { - switch (llhttp__internal__c_update_header_state_5(state, p, endp)) { + s_n_llhttp__internal__n_invoke_update_header_state_6: { + switch (llhttp__internal__c_update_header_state_6(state, p, endp)) { default: goto s_n_llhttp__internal__n_header_value_connection_ws; } /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_invoke_update_header_state_6: { - switch (llhttp__internal__c_update_header_state_6(state, p, endp)) { + s_n_llhttp__internal__n_invoke_update_header_state_7: { + switch (llhttp__internal__c_update_header_state_7(state, p, endp)) { default: goto s_n_llhttp__internal__n_header_value_connection_ws; } @@ -12936,8 +12956,8 @@ static llparse_state_t llhttp__internal__run( /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_invoke_test_flags_6: { - switch (llhttp__internal__c_test_flags_6(state, p, endp)) { + s_n_llhttp__internal__n_invoke_test_flags_7: { + switch (llhttp__internal__c_test_flags_7(state, p, endp)) { case 0: goto s_n_llhttp__internal__n_header_value_content_length; default: @@ -12964,8 +12984,8 @@ static llparse_state_t llhttp__internal__run( /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_invoke_update_header_state_7: { - switch (llhttp__internal__c_update_header_state_7(state, p, endp)) { + s_n_llhttp__internal__n_invoke_update_header_state_8: { + switch (llhttp__internal__c_update_header_state_8(state, p, endp)) { default: goto s_n_llhttp__internal__n_header_value_otherwise; } @@ -12990,7 +13010,7 @@ static llparse_state_t llhttp__internal__run( /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_invoke_test_flags_8: { + s_n_llhttp__internal__n_invoke_test_flags_9: { switch (llhttp__internal__c_test_flags_2(state, p, endp)) { case 0: goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_7; @@ -13003,15 +13023,15 @@ static llparse_state_t llhttp__internal__run( s_n_llhttp__internal__n_invoke_load_type_1: { switch (llhttp__internal__c_load_type(state, p, endp)) { case 1: - goto s_n_llhttp__internal__n_invoke_test_flags_8; + goto s_n_llhttp__internal__n_invoke_test_flags_9; default: goto s_n_llhttp__internal__n_header_value_te_chunked; } /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_invoke_update_header_state_8: { - switch (llhttp__internal__c_update_header_state_4(state, p, endp)) { + s_n_llhttp__internal__n_invoke_update_header_state_9: { + switch (llhttp__internal__c_update_header_state_1(state, p, endp)) { default: goto s_n_llhttp__internal__n_header_value; } @@ -13034,7 +13054,7 @@ static llparse_state_t llhttp__internal__run( /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_invoke_test_flags_9: { + s_n_llhttp__internal__n_invoke_test_flags_10: { switch (llhttp__internal__c_test_flags_2(state, p, endp)) { case 0: goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_8; @@ -13047,7 +13067,7 @@ static llparse_state_t llhttp__internal__run( s_n_llhttp__internal__n_invoke_load_type_2: { switch (llhttp__internal__c_load_type(state, p, endp)) { case 1: - goto s_n_llhttp__internal__n_invoke_test_flags_9; + goto s_n_llhttp__internal__n_invoke_test_flags_10; default: goto s_n_llhttp__internal__n_invoke_or_flags_17; } @@ -13062,8 +13082,8 @@ static llparse_state_t llhttp__internal__run( /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_invoke_test_flags_7: { - switch (llhttp__internal__c_test_flags_7(state, p, endp)) { + s_n_llhttp__internal__n_invoke_test_flags_8: { + switch (llhttp__internal__c_test_flags_8(state, p, endp)) { case 1: goto s_n_llhttp__internal__n_invoke_load_type_2; default: @@ -13075,7 +13095,7 @@ static llparse_state_t llhttp__internal__run( s_n_llhttp__internal__n_invoke_or_flags_18: { switch (llhttp__internal__c_or_flags_18(state, p, endp)) { default: - goto s_n_llhttp__internal__n_invoke_update_header_state_8; + goto s_n_llhttp__internal__n_invoke_update_header_state_9; } /* UNREACHABLE */; abort(); @@ -13085,9 +13105,9 @@ static llparse_state_t llhttp__internal__run( case 1: goto s_n_llhttp__internal__n_header_value_connection; case 2: - goto s_n_llhttp__internal__n_invoke_test_flags_6; - case 3: goto s_n_llhttp__internal__n_invoke_test_flags_7; + case 3: + goto s_n_llhttp__internal__n_invoke_test_flags_8; case 4: goto s_n_llhttp__internal__n_invoke_or_flags_18; default: @@ -13141,8 +13161,8 @@ static llparse_state_t llhttp__internal__run( /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_invoke_update_header_state_9: { - switch (llhttp__internal__c_update_header_state_4(state, p, endp)) { + s_n_llhttp__internal__n_invoke_update_header_state_10: { + switch (llhttp__internal__c_update_header_state_1(state, p, endp)) { default: goto s_n_llhttp__internal__n_header_field_general; } @@ -13157,8 +13177,8 @@ static llparse_state_t llhttp__internal__run( /* UNREACHABLE */; abort(); } - s_n_llhttp__internal__n_invoke_update_header_state_10: { - switch (llhttp__internal__c_update_header_state_4(state, p, endp)) { + s_n_llhttp__internal__n_invoke_update_header_state_11: { + switch (llhttp__internal__c_update_header_state_1(state, p, endp)) { default: goto s_n_llhttp__internal__n_header_field_general; } diff --git a/test/parallel/test-http-header-overflow.js b/test/parallel/test-http-header-overflow.js index e53f5f05f81c31..6abbf2bafc545d 100644 --- a/test/parallel/test-http-header-overflow.js +++ b/test/parallel/test-http-header-overflow.js @@ -6,13 +6,11 @@ const assert = require('assert'); const { createServer, maxHeaderSize } = require('http'); const { createConnection } = require('net'); -const { getOptionValue } = require('internal/options'); - const CRLF = '\r\n'; const DUMMY_HEADER_NAME = 'Cookie: '; const DUMMY_HEADER_VALUE = 'a'.repeat( // Plus one is to make it 1 byte too big - maxHeaderSize - DUMMY_HEADER_NAME.length - (2 * CRLF.length) + 1 + maxHeaderSize - DUMMY_HEADER_NAME.length + 2 ); const PAYLOAD_GET = 'GET /blah HTTP/1.1'; const PAYLOAD = PAYLOAD_GET + CRLF + @@ -21,14 +19,11 @@ const PAYLOAD = PAYLOAD_GET + CRLF + const server = createServer(); server.on('connection', mustCall((socket) => { - // Legacy parser gives sligthly different response. - // This discripancy is not fixed on purpose. - const legacy = getOptionValue('--http-parser') === 'legacy'; socket.on('error', expectsError({ name: 'Error', message: 'Parse Error: Header overflow', code: 'HPE_HEADER_OVERFLOW', - bytesParsed: maxHeaderSize + PAYLOAD_GET.length - (legacy ? -1 : 0), + bytesParsed: maxHeaderSize + PAYLOAD_GET.length + (CRLF.length * 2) + 1, rawPacket: Buffer.from(PAYLOAD) })); })); diff --git a/test/parallel/test-http-missing-header-separator-cr.js b/test/parallel/test-http-missing-header-separator-cr.js index 15ef8195d19372..22cb8049512d04 100644 --- a/test/parallel/test-http-missing-header-separator-cr.js +++ b/test/parallel/test-http-missing-header-separator-cr.js @@ -6,21 +6,7 @@ const assert = require('assert'); const http = require('http'); const net = require('net'); -const msg = [ - 'GET / HTTP/1.1', - 'Host: localhost', - 'Dummy: x\nContent-Length: 23', - '', - 'GET / HTTP/1.1', - 'Dummy: GET /admin HTTP/1.1', - 'Host: localhost', - '', - '', -].join('\r\n'); - -const server = http.createServer(common.mustNotCall()); - -server.listen(0, common.mustSucceed(() => { +function serverHandler(server, msg) { const client = net.connect(server.address().port, 'localhost'); let response = ''; @@ -40,4 +26,58 @@ server.listen(0, common.mustSucceed(() => { })); client.write(msg); client.resume(); -})); +} + +{ + const msg = [ + 'GET / HTTP/1.1', + 'Host: localhost', + 'Dummy: x\nContent-Length: 23', + '', + 'GET / HTTP/1.1', + 'Dummy: GET /admin HTTP/1.1', + 'Host: localhost', + '', + '', + ].join('\r\n'); + + const server = http.createServer(common.mustNotCall()); + + server.listen(0, common.mustSucceed(serverHandler.bind(null, server, msg))); +} + +{ + const msg = [ + 'POST / HTTP/1.1', + 'Host: localhost', + 'x:x\nTransfer-Encoding: chunked', + '', + '1', + 'A', + '0', + '', + '', + ].join('\r\n'); + + const server = http.createServer(common.mustNotCall()); + + server.listen(0, common.mustSucceed(serverHandler.bind(null, server, msg))); +} + +{ + const msg = [ + 'POST / HTTP/1.1', + 'Host: localhost', + 'x:\nTransfer-Encoding: chunked', + '', + '1', + 'A', + '0', + '', + '', + ].join('\r\n'); + + const server = http.createServer(common.mustNotCall()); + + server.listen(0, common.mustSucceed(serverHandler.bind(null, server, msg))); +} diff --git a/test/parallel/test-http-transfer-encoding-smuggling.js b/test/parallel/test-http-transfer-encoding-smuggling.js index 9cd611464fec08..a6677b46155787 100644 --- a/test/parallel/test-http-transfer-encoding-smuggling.js +++ b/test/parallel/test-http-transfer-encoding-smuggling.js @@ -6,47 +6,84 @@ const assert = require('assert'); const http = require('http'); const net = require('net'); -const msg = [ - 'POST / HTTP/1.1', - 'Host: 127.0.0.1', - 'Transfer-Encoding: chunked', - 'Transfer-Encoding: chunked-false', - 'Connection: upgrade', - '', - '1', - 'A', - '0', - '', - 'GET /flag HTTP/1.1', - 'Host: 127.0.0.1', - '', - '', -].join('\r\n'); - -const server = http.createServer(common.mustNotCall((req, res) => { - res.end(); -}, 1)); - -server.listen(0, common.mustSucceed(() => { - const client = net.connect(server.address().port, 'localhost'); - - let response = ''; - - // Verify that the server listener is never called - - client.on('data', common.mustCall((chunk) => { - response += chunk.toString('utf-8'); +{ + const msg = [ + 'POST / HTTP/1.1', + 'Host: 127.0.0.1', + 'Transfer-Encoding: chunked', + 'Transfer-Encoding: chunked-false', + 'Connection: upgrade', + '', + '1', + 'A', + '0', + '', + 'GET /flag HTTP/1.1', + 'Host: 127.0.0.1', + '', + '', + ].join('\r\n'); + + const server = http.createServer(common.mustNotCall((req, res) => { + res.end(); + }, 1)); + + server.listen(0, common.mustSucceed(() => { + const client = net.connect(server.address().port, 'localhost'); + + let response = ''; + + // Verify that the server listener is never called + + client.on('data', common.mustCall((chunk) => { + response += chunk.toString('utf-8'); + })); + + client.setEncoding('utf8'); + client.on('error', common.mustNotCall()); + client.on('end', common.mustCall(() => { + assert.strictEqual( + response, + 'HTTP/1.1 400 Bad Request\r\nConnection: close\r\n\r\n' + ); + server.close(); + })); + client.write(msg); + client.resume(); })); +} + +{ + const msg = [ + 'POST / HTTP/1.1', + 'Host: 127.0.0.1', + 'Transfer-Encoding: chunked', + ' , chunked-false', + 'Connection: upgrade', + '', + '1', + 'A', + '0', + '', + 'GET /flag HTTP/1.1', + 'Host: 127.0.0.1', + '', + '', + ].join('\r\n'); + + const server = http.createServer(common.mustCall((request, response) => { + assert.notStrictEqual(request.url, '/admin'); + response.end('hello world'); + }), 1); + + server.listen(0, common.mustSucceed(() => { + const client = net.connect(server.address().port, 'localhost'); + + client.on('end', common.mustCall(function() { + server.close(); + })); - client.setEncoding('utf8'); - client.on('error', common.mustNotCall()); - client.on('end', common.mustCall(() => { - assert.strictEqual( - response, - 'HTTP/1.1 400 Bad Request\r\nConnection: close\r\n\r\n' - ); - server.close(); + client.write(msg); + client.resume(); })); - client.write(msg); - client.resume(); -})); +}