Handle invalid CRLF in header name. fixes #122 (#141)

Kludex · Sep 28, 2024 · dcf0ba1 · dcf0ba1
1 parent 851a026
commit dcf0ba1
Show file tree

Hide file tree

Showing 4 changed files with 11 additions and 2 deletions.
diff --git a/multipart/multipart.py b/multipart/multipart.py
@@ -1163,7 +1163,7 @@ def data_callback(name: str, remaining: bool = False) -> None:
                 # If we've reached a CR at the beginning of a header, it means
                 # that we've reached the second of 2 newlines, and so there are
                 # no more headers to parse.
-                if c == CR:
+                if c == CR and index == 0:
                     delete_mark("header_field")
                     state = MultipartState.HEADERS_ALMOST_DONE
                     i += 1

diff --git a/tests/test_data/http/CRLF_in_header.http b/tests/test_data/http/CRLF_in_header.http
@@ -0,0 +1,6 @@
+------WebKitFormBoundaryTkr3kCBQlBe1nrhc
+Content-
+isposition: form-data; name="field"
+
+This is a test.
+------WebKitFormBoundaryTkr3kCBQlBe1nrhc--
diff --git a/tests/test_data/http/CRLF_in_header.yaml b/tests/test_data/http/CRLF_in_header.yaml
@@ -0,0 +1,3 @@
+boundary: ----WebKitFormBoundaryTkr3kCBQlBe1nrhc
+expected:
+    error: 50
diff --git a/tests/test_data/http/CR_in_header.yaml b/tests/test_data/http/CR_in_header.yaml
@@ -1,3 +1,3 @@
 boundary: ----WebKitFormBoundaryTkr3kCBQlBe1nrhc
 expected:
-    error: 51
+    error: 50