http0.9: process headers if there are non-space characters #410
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Previously, we fell back on HTTP/0.9 if there was a missing protocol except if the following line cintained a colon. This makes libhtp stricter to consider a transaction as 0.9 by only accepting if we have spaces after the request line as done in libhtp-rs
|
Are there Suricata-Verify tests for this? |
No, there is the unit test 23-http09-multiple.t |
|
Can you craft a SV test for this issue? |
|
Do you also want a redmine ticket for this ? |
This was referenced Dec 21, 2023
|
Replaced by #412 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Previously, we fell back on HTTP/0.9 if there was a missing protocol except if the following line contained a colon.
We make libhtp simpler by only switching to HTTP/0.9 if we have only spaces afterwards
#405 now that cccs-rtmorti/libhtp-rs#10 was merged to check CIFuzz again
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=54982&q=label%3AProj-libhtp&can=2