reject message with different values in multiple Content-Length header field - efi-boot-shim.git - (mirror of https://github.com/vyos/efi-boot-shim.git)

diff options

author	Dennis Tseng <dennis.tseng@suse.com>	2024-02-12 22:15:37 +0800
committer	Peter Jones <pjones@redhat.com>	2025-02-26 09:38:43 -0500
commit	1958b0f3014f7473f72604865ef1cd14c62cc9ef (patch)
tree	6140aadb12f724a715386d14177e7e31db4864db /Cryptlib/OpenSSL/crypto/uid.c
parent	489af5efca492140ea40bd83ea2f3b021f0725e9 (diff)
download	efi-boot-shim-1958b0f3014f7473f72604865ef1cd14c62cc9ef.tar.gz efi-boot-shim-1958b0f3014f7473f72604865ef1cd14c62cc9ef.zip

reject message with different values in multiple Content-Length header field

If multiple headers occur, usually the last header would have authority; however the section 3.3.3 of RFC 7230 states that: If a message is received without Transfer-Encoding and with either multiple Content-Length header fields having differing field-values or ..., then the message framing is invalid and the recipient MUST treat it as an unrecoverable error. For example: If there are 2 headers, for example, "Content-Length: 42" and "Content-Length: 52", then current shim httpboot.c will accept the last one which is "Content-Length": 52". This is not correct. This patch allows multiple values if they are the same, but rejects message if any different value is found. In function receive_http_response() of httpboot.c, each received duplicate Content-Length field must be checked whether its value is different. If it is, then this message is invalid. Signed-off-by: Dennis Tseng <dennis.tseng@suse.com>

Diffstat (limited to 'Cryptlib/OpenSSL/crypto/uid.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: