Commit 9a7d2000 authored by Artem Boldariev's avatar Artem Boldariev
Browse files

Merge branch 'artem/doh-empty-query-string-crash-fix' into 'main'

Fix crash in DoH on empty query string in GET requests

See merge request !5268
parents 1c5d0335 3e3c944d
Pipeline #77185 failed with stages
in 22 minutes and 11 seconds
5680. [bug] Fix a crash in DoH code caused by GET requests without
query strings. [GL !5268]
5679. [bug] Disable setting the thread affinity. [GL #2822]
 
5678. [bug] The "check DS" code failed to release all resources upon
named shutdown when a refresh was in progress. This has
been fixed. [GL #2811]
......
......@@ -1706,6 +1706,11 @@ server_handle_path_header(isc_nmsocket_t *socket, const uint8_t *value,
socket->h2.request_path = NULL;
return (ISC_HTTP_ERROR_NOT_FOUND);
}
/* The spec does not mention which value the query string for POST
* should have. For GET we use its value to decode a DNS message
* from it, for POST the message is transferred in the body of the
* request. Taking it into account, it is much safer to treat POST
* requests with query strings as malformed ones. */
if (qstr != NULL) {
const char *dns_value = NULL;
size_t dns_value_len = 0;
......@@ -1734,6 +1739,9 @@ server_handle_path_header(isc_nmsocket_t *socket, const uint8_t *value,
} else {
return (ISC_HTTP_ERROR_BAD_REQUEST);
}
} else if (qstr == NULL && socket->h2.request_type == ISC_HTTP_REQ_GET)
{
return (ISC_HTTP_ERROR_BAD_REQUEST);
}
return (ISC_HTTP_ERROR_SUCCESS);
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment