http: disallow repeated headers from servers

Don't allow servers to send us multiple Content-Type, Content-Length or Location headers.

http: disallow repeated headers from servers
Don't allow servers to send us multiple Content-Type, Content-Length or Location headers.
0467606f · Edward Thomson · 3a2e4836 · 0467606f
Commit 0467606f authored Nov 18, 2018 by Edward Thomson
Show whitespace changes
Inline Side-by-side

Showing with 15 additions and 6 deletions

src/transports/http.c
+15 -6

No files found.
--- a/src/transports/http.c
+++ b/src/transports/http.c
@@ -306,17 +306,23 @@ static int on_header_ready(http_subtransport *t)
 	git_buf *value = &t->parse_header_value;
 	if (!strcasecmp("Content-Type", git_buf_cstr(name))) {
-		if (!t->content_type) {
+		if (t->content_type) {
+			giterr_set(GITERR_NET, "multiple Content-Type headers");
+			return -1;
+		}
 		t->content_type = git__strdup(git_buf_cstr(value));
 		GITERR_CHECK_ALLOC(t->content_type);
 	}
-	}
 	else if (!strcasecmp("Content-Length", git_buf_cstr(name))) {
-		if (!t->content_length) {
+		if (t->content_length) {
+			giterr_set(GITERR_NET, "multiple Content-Length headers");
+			return -1;
+		}
 		t->content_length = git__strdup(git_buf_cstr(value));
 		GITERR_CHECK_ALLOC(t->content_length);
 	}
-	}
 	else if (!strcasecmp("Proxy-Authenticate", git_buf_cstr(name))) {
 		char *dup = git__strdup(git_buf_cstr(value));
 		GITERR_CHECK_ALLOC(dup);
@@ -332,11 +338,14 @@ static int on_header_ready(http_subtransport *t)
 			return -1;
 	}
 	else if (!strcasecmp("Location", git_buf_cstr(name))) {
-		if (!t->location) {
+		if (t->location) {
+			giterr_set(GITERR_NET, "multiple Location headers");
+			return -1;
+		}
 		t->location = git__strdup(git_buf_cstr(value));
 		GITERR_CHECK_ALLOC(t->location);
 	}
-	}
 	return 0;
 }