Project

General

Profile

Actions

Bug #3643

closed

Libhtp request: extra whitespace interpreted as dummy new request

Added by Philippe Antoine over 2 years ago. Updated over 2 years ago.

Status:
Closed
Priority:
Normal
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

Reported in https://github.com/OISF/libhtp/pull/290

In htp_connp_REQ_FINALIZE, we unread the last end of line so that subsequent calls to htp_connp_REQ_LINE work. However, whenever we enter htp_connp_REQ_IDLE state, the check IN_TEST_NEXT_BYTE_OR_RETURN(connp) always passes even when there is no more data beyond the CRLF creating an empty transaction. htp_connp_REQ_IDLE now explicitly checks to make sure that if we only have two bytes of data, those two bytes are not simply the CRLF before starting a new transaction.

PR :
https://github.com/OISF/libhtp/pull/291


Related issues 1 (0 open1 closed)

Blocks Task #3479: libhtp 0.5.33 (4.1.x)ClosedPhilippe AntoineActions
Actions #1

Updated by Philippe Antoine over 2 years ago

Actions #2

Updated by Victor Julien over 2 years ago

  • Assignee set to Philippe Antoine
  • Target version changed from 5.0.3 to 6.0.0beta1
Actions #3

Updated by Victor Julien over 2 years ago

  • Status changed from In Review to Closed
Actions

Also available in: Atom PDF