diff --git a/lib/_http_client.js b/lib/_http_client.js
index cd8152cd55c512..448be27a72ed7e 100644
--- a/lib/_http_client.js
+++ b/lib/_http_client.js
@@ -14,6 +14,8 @@ const OutgoingMessage = require('_http_outgoing').OutgoingMessage;
 const Agent = require('_http_agent');
 const Buffer = require('buffer').Buffer;
+const REVERT_CVE_2018_12116 = process.REVERT_CVE_2018_12116;
+
 const INVALID_PATH_REGEX = /[^\u0021-\u00ff]/;
 function ClientRequest(options, cb) {
@@ -47,7 +49,14 @@ function ClientRequest(options, cb) {
 var path;
 if (options.path) {
 path = String(options.path);
- if (INVALID_PATH_REGEX.test(path))
+ var invalidPath;
+ if (REVERT_CVE_2018_12116) {
+ invalidPath = /[\u0000-\u0020]/.test(path);
+ } else {
+ invalidPath = INVALID_PATH_REGEX.test(path);
+ }
+
+ if (invalidPath)
 throw new TypeError('Request path contains unescaped characters');
 }
diff --git a/src/node_revert.h b/src/node_revert.h
index 1f7533c0e59aab..9c05270cc6e466 100644
--- a/src/node_revert.h
+++ b/src/node_revert.h
@@ -15,8 +15,8 @@
 **/
 namespace node {
-#define SECURITY_REVERSIONS(XX)
-// XX(CVE_2016_PEND, "CVE-2016-PEND", "Vulnerability Title")
+#define SECURITY_REVERSIONS(XX) \
+ XX(CVE_2018_12116, "CVE-2018-12116", "HTTP request splitting")
 enum reversion {
 #define V(code, ...) SECURITY_REVERT_##code,
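Review bot: `REVERT_CVE_2018_12116` is read from a plain property on `process` once at module load, and nothing in this hunk shows that the property is defined by the runtime only, or that it is non-writable. If it is an ordinary assignable property when the revert is not active, any code that runs before this module is first loaded could set it and silently put the client back on the weaker path check. It is worth confirming that the native side defines it read-only in both states. A comment on the constant would also help, for example `// Set by the runtime only when started with --security-revert=CVE-2018-12116; captured once at load.`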
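Review bot: The revert branch in `ClientRequest` inlines `/[\u0000-\u0020]/` with no comment on what it gives up. Unlike `INVALID_PATH_REGEX`, it accepts every character above U+0020, including code points above U+00FF, which the default branch rejects. I would hoist it to a named constant beside `INVALID_PATH_REGEX`, e.g. `const LEGACY_INVALID_PATH_REGEX = /[\u0000-\u0020]/; // pre-CVE-2018-12116 check, used only under security revert`, so the weaker check is visible where the strict one is defined. A test that pins both modes would guard the default path against regressions: a path containing a character above U+00FF should throw by default and be accepted only with the revert active. The body of `ClientRequest` continues outside the hunk.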