From 9f8b7ea19b7fe7edd4e7f339b3509b7741db0ac1 Mon Sep 17 00:00:00 2001 From: "Adi (Suissa) Peleg" Date: Tue, 3 Oct 2023 16:07:57 -0400 Subject: [PATCH] fuzz: fix h10 codec validation (#29924) Signed-off-by: Adi Suissa-Peleg --- .../http/codec_impl_corpus/h10_empty_hostname | 33 +++++++++++++++++++ test/common/http/codec_impl_fuzz_test.cc | 6 ++++ 2 files changed, 39 insertions(+) create mode 100644 test/common/http/codec_impl_corpus/h10_empty_hostname diff --git a/test/common/http/codec_impl_corpus/h10_empty_hostname b/test/common/http/codec_impl_corpus/h10_empty_hostname new file mode 100644 index 000000000000..f541da572451 --- /dev/null +++ b/test/common/http/codec_impl_corpus/h10_empty_hostname @@ -0,0 +1,33 @@ +h1_settings { + server { + accept_http_10: true + default_host_for_http_10: "\000\000\000\000\000\000\000\000" + } +} +actions { + new_stream { + request_headers { + headers { + key: ":method" + value: "GET" + } + headers { + key: ":path" + value: "/" + } + } + end_stream: true + } +} +actions { + mutate { + offset: 5 + value: 48 + } +} +actions { + mutate { + offset: 48 + value: 48 + } +} diff --git a/test/common/http/codec_impl_fuzz_test.cc b/test/common/http/codec_impl_fuzz_test.cc index 42dc4e692c01..46db8ea12b5c 100644 --- a/test/common/http/codec_impl_fuzz_test.cc +++ b/test/common/http/codec_impl_fuzz_test.cc @@ -66,6 +66,12 @@ Http1Settings fromHttp1Settings(const test::common::http::Http1ServerSettings& s h1_settings.accept_http_10_ = settings.accept_http_10(); h1_settings.default_host_for_http_10_ = settings.default_host_for_http_10(); + // If the server accepts a HTTP/1.0 then the default host must be valid. + if (h1_settings.accept_http_10_ && + !HeaderUtility::authorityIsValid(h1_settings.default_host_for_http_10_)) { + throw EnvoyException("Invalid Http1ServerSettings, HTTP/1.0 is enabled and " + "'default_host_for_http_10' has invalid hostname, skipping test."); + } return h1_settings; }