gfwleak/tango-tfe
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

#174 修正HTTP1解析层在解析HTTP头部时,误采用前缀匹配判断头部是否为标准定义的问题。

Browse Source 
* 原实现在判断请求/应答头部字段是否为标准头部时,没有判断传入字符串长度是否相等,导致当传入字符串为标准头部的前缀时误将其解析为标准头部;
* 现修正,增加判断字符串长度的流程,当字符串长度完全相等时再执行字符串匹配。
This commit is contained in:
luqiuwen
2019-09-23 19:07:32 +08:00
parent cd0fd187ad
commit ce8c8cd899
2 changed files with 18 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
plugin/protocol/http/src/http_half.cpp
View File

@@ -20,12 +20,19 @@ static enum tfe_http_std_field __str_header_field_to_std_field_id(const char * s
/* TODO: store the header text in hash table or rbtree, or use AC multistring search algo. */ /* TODO: store the header text in hash table or rbtree, or use AC multistring search algo. */
for (unsigned int i = 0; i < __str_std_header_field_map_size; i++) for (unsigned int i = 0; i < __str_std_header_field_map_size; i++)
{ {
const char * __std_header_field = __str_std_header_field_map[i]; const char * std_header_field_iter = __str_std_header_field_map[i];
if (__std_header_field == NULL) if (std_header_field_iter == NULL)
continue; continue;
size_t __compare_length = MIN(strlen(__std_header_field), len); /* std_header_field_iter must contains '\0' */
if (evutil_ascii_strncasecmp(__std_header_field, str_field, __compare_length) != 0) size_t std_field_length = strlen(std_header_field_iter);
/* but the str_field may don't contains '\0', so must use strnlen */
size_t field_length = strnlen(str_field, len);
if (std_field_length != field_length)
continue;
if (strncasecmp(std_header_field_iter, str_field, std_field_length) != 0)
continue; continue;
return (enum tfe_http_std_field) i; return (enum tfe_http_std_field) i;

7
plugin/protocol/http/test/test_http_half.cpp
View File

@@ -46,6 +46,7 @@ static const char * __get_http_request_no_body =
"GET /gfwlist/gfwlist/master/gfwlist.txt HTTP/1.1\r\n" "GET /gfwlist/gfwlist/master/gfwlist.txt HTTP/1.1\r\n"
"Host: raw.githubusercontent.com\r\n" "Host: raw.githubusercontent.com\r\n"
"Connection: close\r\n" "Connection: close\r\n"
"User: User-Test\r\n"
"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36\r\n" "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36\r\n"
"Accept: */*\r\n" "Accept: */*\r\n"
"Accept-Encoding: gzip, deflate\r\n" "Accept-Encoding: gzip, deflate\r\n"
@@ -82,6 +83,12 @@ void __get_http_request_header_verify_helper(struct http_half_private * hf_priva
EXPECT_EQ(field_name.field_id, TFE_HTTP_CONNECTION); EXPECT_EQ(field_name.field_id, TFE_HTTP_CONNECTION);
EXPECT_STREQ(hdr_value, "close"); EXPECT_STREQ(hdr_value, "close");
/* User */
hdr_value = tfe_http_field_iterate(hf_public, &__iterator, &field_name);
EXPECT_EQ(field_name.field_id, TFE_HTTP_UNKNOWN_FIELD);
EXPECT_STREQ(field_name.field_name, "User");
EXPECT_STREQ(hdr_value, "User-Test");
/* User-Agent */ /* User-Agent */
hdr_value = tfe_http_field_iterate(hf_public, &__iterator, &field_name); hdr_value = tfe_http_field_iterate(hf_public, &__iterator, &field_name);
EXPECT_EQ(field_name.field_id, TFE_HTTP_USER_AGENT); EXPECT_EQ(field_name.field_id, TFE_HTTP_USER_AGENT);