diff options
| author | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2022-01-29 13:44:50 +0000 |
|---|---|---|
| committer | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2022-01-29 13:44:50 +0000 |
| commit | 00927e0ef03a05916151c15c16f7e2697d655379 (patch) | |
| tree | 490515576c29ce6ec623d7a96a866c4f28666a11 /src/lua/lua_http.c | |
| parent | cc7c9000e05e1810d408f4e9b40e2073e85cb0fb (diff) | |
| download | rspamd-00927e0ef03a05916151c15c16f7e2697d655379.tar.gz rspamd-00927e0ef03a05916151c15c16f7e2697d655379.zip | |
[Fix] Fix host header usage in lua_http
The issue is that `rspamd_http_message_get_http_host` actually returns
non zero-terminated string in the case where `Host` header is found in a
message. Hence, we *cannot* treat it as a zero terminated string.
The proper approach is to use `rspamd_ftok_t` everywhere for strings
but the change will be too intrusive, since it also involves many libraries,
e.g. `rdns` and others.
The current approach is much simplier: just copy a string into a temporary
buffer ensuring that it is zero terminated in all the cases.
Issue: #4051
Diffstat (limited to 'src/lua/lua_http.c')
| -rw-r--r-- | src/lua/lua_http.c | 22 |
1 files changed, 17 insertions, 5 deletions
diff --git a/src/lua/lua_http.c b/src/lua/lua_http.c index ce2a48d63..0ff8695d3 100644 --- a/src/lua/lua_http.c +++ b/src/lua/lua_http.c @@ -75,7 +75,7 @@ struct lua_http_cbdata { struct rspamd_cryptobox_pubkey *peer_pk; rspamd_inet_addr_t *addr; gchar *mime_type; - const gchar *host; + gchar *host; gchar *auth; const gchar *url; gsize max_size; @@ -134,6 +134,10 @@ lua_http_fin (gpointer arg) g_free (cbd->auth); } + if (cbd->host) { + g_free (cbd->host); + } + if (cbd->local_kp) { rspamd_keypair_unref (cbd->local_kp); } @@ -1060,13 +1064,18 @@ lua_http_request (lua_State *L) bool numeric_ip = false; /* Check if we can skip resolving */ - cbd->host = rspamd_http_message_get_http_host (msg); + gsize hostlen = 0; + const gchar *host = rspamd_http_message_get_http_host (msg, &hostlen); + + if (host) { + cbd->host = malloc (hostlen + 1); + rspamd_strlcpy (cbd->host, host, hostlen + 1); - if (cbd->host) { if (cbd->flags & RSPAMD_LUA_HTTP_FLAG_KEEP_ALIVE) { const rspamd_inet_addr_t *ka_addr = rspamd_http_context_has_keepalive(NULL, - rspamd_http_message_get_http_host (msg), - msg->port, msg->flags & RSPAMD_HTTP_FLAG_WANT_SSL); + cbd->host, + msg->port, + msg->flags & RSPAMD_HTTP_FLAG_WANT_SSL); if (ka_addr) { cbd->addr = rspamd_inet_address_copy(ka_addr); @@ -1083,6 +1092,9 @@ lua_http_request (lua_State *L) } } } + else { + cbd->host = NULL; + } if (numeric_ip) { /* Host is numeric IP, no need to resolve */ |