Check if the MP header contains invalid character

2025-08-14 13:56:01 +03:00 · 2024-08-13 11:07:18 +02:00 · 2024-08-13 11:07:18 +02:00 · f27c85cf47
commit f27c85cf47
parent 935e68c816
1 changed files with 11 additions and 1 deletions
--- a/apache2/msc_multipart.c
+++ b/apache2/msc_multipart.c
@ -402,7 +402,7 @@ static int multipart_process_part_header(modsec_rec *msr, char **error_msg) {
            if (msr->mpd->mpp->last_header_line != NULL) {
                *(char **)apr_array_push(msr->mpd->mpp->header_lines) = msr->mpd->mpp->last_header_line;
                msr_log(msr, 9, "Multipart: Added part header line \"%s\"", msr->mpd->mpp->last_header_line);
-	    }
+            }

            data = msr->mpd->buf;

@ -424,6 +424,16 @@ static int multipart_process_part_header(modsec_rec *msr, char **error_msg) {
                 return -1;
            }

+            /* check if multipart header contains any invalid characters */
+            char *ch = header_name;
+            while(*ch != '\0') {
+                if (*ch < 33 || *ch > 126) {
+                    *error_msg = apr_psprintf(msr->mp, "Multipart: Invalid part header (contains invalid character).");
+                    return -1;
+                }
+                ch++;
+            }
+
            /* extract the value value */
            data++;
            while((*data == '\t') || (*data == ' ')) data++;