Details: https://nvd.nist.gov/vuln/detail/CVE-2022-24801 Pick the commits from the pull request that is referenced by the NVD report. (The full set consists of 13 patches, but those that only updated news/readme files or fixed typos in comments were not backported.) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
From 232c32ca0ecc3f9d263e2184253a839ce99b4f31 Mon Sep 17 00:00:00 2001
From: Tom Most <twm@freecog.net>
Date: Mon, 7 Mar 2022 00:02:55 -0800
Subject: [PATCH] Replace obs-fold with a single space
Upstream-Status: Backport [https://github.com/twisted/twisted/commit/79ee8c564ca0d4c2910c8859e0a6014d2dc40005]
CVE: CVE-2022-24801
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
src/twisted/web/http.py | 2 +-
src/twisted/web/test/test_http.py | 13 +++++++++----
2 files changed, 10 insertions(+), 5 deletions(-)
diff --git a/src/twisted/web/http.py b/src/twisted/web/http.py
index b99480f..5491953 100644
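--- a/src/twisted/web/http.py
+++ b/src/twisted/web/http.py
@@ -2246,7 +2246,7 @@ class HTTPChannel(basic.LineReceiver, policies.TimeoutMixin):
 self.setRawMode()
 elif line[0] in b" \t":
 # Continuation of a multi line header.
- self.__header = self.__header + b"\n" + line
+ self.__header += b" " + line.lstrip(b" \t")
 # Regular header line.
 # Processing of header line is delayed to allow accumulating multi
 # line headers.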
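Review bot: The comment above the changed line still reads only `# Continuation of a multi line header.` and does not say why the fold is now collapsed instead of kept. The removed line joined the pieces with `b"\n"`, so a line feed stayed inside the accumulated header value; the added line joins with one space and strips the continuation's leading SP/HTAB. I would extend the comment to `# obs-fold (RFC 7230 section 3.2.4): join with one SP and drop the fold's leading SP/HTAB so no LF remains in the field value.` so a later refactor does not restore the newline. The enclosing method starts and ends outside this hunk.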
diff --git a/src/twisted/web/test/test_http.py b/src/twisted/web/test/test_http.py
|
|
index 0549ed0..8a7adc0 100644
|
|
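--- a/src/twisted/web/test/test_http.py
+++ b/src/twisted/web/test/test_http.py
@@ -1795,7 +1795,12 @@ class ParsingTests(unittest.TestCase):
 Line folded headers are handled by L{HTTPChannel} by replacing each
 fold with a single space by the time they are made available to the
 L{Request}. Any leading whitespace in the folded lines of the header
- value is preserved.
+ value is replaced with a single space, per:
+
+ A server that receives an obs-fold in a request message ... MUST
+ ... replace each received obs-fold with one or more SP octets prior
+ to interpreting the field value or forwarding the message
+ downstream.
 
 See RFC 7230 section 3.2.4.
 """
@@ -1832,15 +1837,15 @@ class ParsingTests(unittest.TestCase):
 )
 self.assertEqual(
 request.requestHeaders.getRawHeaders(b"space"),
- [b"space space"],
+ [b"space space"],
 )
 self.assertEqual(
 request.requestHeaders.getRawHeaders(b"spaces"),
- [b"spaces spaces spaces"],
+ [b"spaces spaces spaces"],
 )
 self.assertEqual(
 request.requestHeaders.getRawHeaders(b"tab"),
- [b"t \ta \tb"],
+ [b"t a b"],
 )
 
 def test_headerStripWhitespace(self):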
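Review bot: The updated assertions only cover folds that follow an existing header line; nothing visible here exercises a fold that arrives as the first header line, when there is no header to continue. As far as the http.py hunk shows, the continuation branch appends to `self.__header` unconditionally, so that input would presumably leave a value that begins with a space and is then processed as a header in its own right; whether it is rejected is decided outside the visible lines. A test case asserting the expected outcome for such a request would pin that behaviour down. The request fixture for this test lies between the two hunks and is not shown.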