Check if the MP header contains invalid character

2025-09-29 19:24:29 +03:00 · 2024-08-13 18:26:18 +02:00
parent 305f33fea1
commit 6388d88f38
2 changed files with 63 additions and 0 deletions
--- a/src/request_body_processor/multipart.cc
+++ b/src/request_body_processor/multipart.cc
@@ -918,6 +918,18 @@ int Multipart::process_part_header(std::string *error, int offset) {
                 return false;
            }

+            /* check if multipart header contains any invalid characters */
+            for (const auto& ch : header_name) {
+                if (ch < 33 || ch > 126) {
+                    ms_dbg_a(m_transaction, 1,
+                        "Multipart: Invalid part header " \
+                        "(contains invalid character).");
+                    error->assign("Multipart: Invalid part header "\
+                        "(contains invalid character).");
+                    return false;
+                }
+            }
+
            /* extract the value value */
            data++;
            i++;