4312 2005-08-06 20:35:38 -0700 XMLHttpRequest headers that have two CRLF sequences lead to Obj-C exception 2019-02-06 09:03:48 -0800 1 1 1 Unclassified WebKit DOM 420+ Mac OS X 10.4 RESOLVED FIXED P2 Normal --- 1 darin darin cdumez oldest_to_newest 16055 0 darin 2005-08-06 20:35:38 -0700 Just need a check for empty lines. 16056 1 3250 darin 2005-08-06 20:37:48 -0700 Created attachment 3250 just added a check for empty lines in the code that parses headers We could do even more to prohibit CRLF in the XMLHttpRequest API before it gets to this point, but this change is all that's needed to make the bad symptom go away. 16200 2 3250 sullivan 2005-08-08 09:22:04 -0700 Comment on attachment 3250 just added a check for empty lines in the code that parses headers This patch looks fine (checking for [line length] rather than line != nil), plus some formatting changes. Did you notice this bug by inspection, or is there a test case to make it fail? It seems like an obviously correct improvement, but a test case would be nice. 16203 3 darin 2005-08-08 09:56:27 -0700 I found this by code inspection after examining a security report about vulnerabilities in other browsers' XMLHttpRequest implementations. 26184 4 3250 ggaren 2005-12-19 09:11:48 -0800 Comment on attachment 3250 just added a check for empty lines in the code that parses headers r=sullivan+me 27609 5 darin 2006-01-03 10:45:35 -0800 <rdar://problem/4376060> Unhandled ObjC exception dealing with malformed xmlhttprequest headers (4312) 1503040 6 lforschler 2019-02-06 09:03:48 -0800 Mass moving XML DOM bugs to the "DOM" Component. 3250 2005-08-06 20:37:48 -0700 2005-12-19 09:11:48 -0800 just added a check for empty lines in the code that parses headers EmptyLinePatch.txt text/plain 2379 darin SW5kZXg6IGt3cS9LV1FMb2FkZXIubW0KPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQpSQ1MgZmlsZTogL2N2cy9yb290L1dl YkNvcmUva3dxL0tXUUxvYWRlci5tbSx2CnJldHJpZXZpbmcgcmV2aXNpb24gMS4xMjAKZGlmZiAt cCAtdSAtdSAtcCAtcjEuMTIwIGt3cS9LV1FMb2FkZXIubW0KLS0tIGt3cS9LV1FMb2FkZXIubW0J MiBNYXIgMjAwNSAwMjoxNzo1OSAtMDAwMAkxLjEyMAorKysga3dxL0tXUUxvYWRlci5tbQk3IEF1 ZyAyMDA1IDAzOjIwOjI4IC0wMDAwCkBAIC01OSwyNiArNTksMjcgQEAgYm9vbCBLV1FTZXJ2ZVJl cXVlc3QoTG9hZGVyICpsb2FkZXIsIFJlcQogQGVuZAogCiBAaW1wbGVtZW50YXRpb24gTlNEaWN0 aW9uYXJ5IChXZWJDb3JlX0V4dHJhcykKKwogKyAoaWQpX3dlYmNvcmVfZGljdGlvbmFyeVdpdGhI ZWFkZXJTdHJpbmc6KE5TU3RyaW5nICopc3RyaW5nCiB7CiAgICAgTlNNdXRhYmxlRGljdGlvbmFy eSAqaGVhZGVycyA9IFtbTlNNdXRhYmxlRGljdGlvbmFyeSBhbGxvY10gaW5pdF07CiAKICAgICBO U0FycmF5ICpsaW5lcyA9IFtzdHJpbmcgY29tcG9uZW50c1NlcGFyYXRlZEJ5U3RyaW5nOkAiXHJc biJdOwotCiAgICAgTlNFbnVtZXJhdG9yICplID0gW2xpbmVzIG9iamVjdEVudW1lcmF0b3JdOwot ICAgIE5TU3RyaW5nICpsaW5lOwotCiAgICAgTlNTdHJpbmcgKmxhc3RIZWFkZXJOYW1lID0gbmls OwogCi0gICAgd2hpbGUgKChsaW5lID0gKE5TU3RyaW5nICopW2UgbmV4dE9iamVjdF0pICE9IG5p bCkgewotCWlmICgoW2xpbmUgY2hhcmFjdGVyQXRJbmRleDowXSA9PSAnICcgfHwgW2xpbmUgY2hh cmFjdGVyQXRJbmRleDowXSA9PSAnXHQnKQotCSAgICAmJiBsYXN0SGVhZGVyTmFtZSAhPSBuaWwp IHsKLQkgICAgLy8gbGluZXMgdGhhdCBzdGFydCB3aXRoIHNwYWNlIG9yIHRhYiBjb250aW51ZSB0 aGUgcHJldmlvdXMgaGVhZGVyIHZhbHVlCi0JICAgIE5TU3RyaW5nICpvbGRWYWwgPSBbaGVhZGVy cyBvYmplY3RGb3JLZXk6bGFzdEhlYWRlck5hbWVdOwotCSAgICBBU1NFUlQob2xkVmFsKTsKLQkg ICAgW2hlYWRlcnMgc2V0T2JqZWN0OltOU1N0cmluZyBzdHJpbmdXaXRoRm9ybWF0OkAiJUAgJUAi LCBvbGRWYWwsIFtsaW5lIHN0cmluZ0J5VHJpbW1pbmdDaGFyYWN0ZXJzSW5TZXQ6W05TQ2hhcmFj dGVyU2V0IGNoYXJhY3RlclNldFdpdGhDaGFyYWN0ZXJzSW5TdHJpbmc6QCIgXHQiXV1dCi0JICAg ICAgICAgICAgICAgIGZvcktleTpsYXN0SGVhZGVyTmFtZV07Ci0JICAgIGNvbnRpbnVlOworICAg IHdoaWxlIChOU1N0cmluZyAqbGluZSA9IChOU1N0cmluZyAqKVtlIG5leHRPYmplY3RdKSB7CisJ aWYgKFtsaW5lIGxlbmd0aF0pIHsKKyAgICAgICAgICAgIHVuaWNoYXIgZmlyc3RDaGFyID0gW2xp bmUgY2hhcmFjdGVyQXRJbmRleDowXTsKKyAgICAgICAgICAgIGlmICgoZmlyc3RDaGFyID09ICcg JyB8fCBmaXJzdENoYXIgPT0gJ1x0JykgJiYgbGFzdEhlYWRlck5hbWUgIT0gbmlsKSB7CisgICAg ICAgICAgICAgICAgLy8gbGluZXMgdGhhdCBzdGFydCB3aXRoIHNwYWNlIG9yIHRhYiBjb250aW51 ZSB0aGUgcHJldmlvdXMgaGVhZGVyIHZhbHVlCisgICAgICAgICAgICAgICAgTlNTdHJpbmcgKm9s ZFZhbCA9IFtoZWFkZXJzIG9iamVjdEZvcktleTpsYXN0SGVhZGVyTmFtZV07CisgICAgICAgICAg ICAgICAgQVNTRVJUKG9sZFZhbCk7CisgICAgICAgICAgICAgICAgTlNTdHJpbmcgKm5ld1ZhbCA9 IFtsaW5lIHN0cmluZ0J5VHJpbW1pbmdDaGFyYWN0ZXJzSW5TZXQ6W05TQ2hhcmFjdGVyU2V0IGNo YXJhY3RlclNldFdpdGhDaGFyYWN0ZXJzSW5TdHJpbmc6QCIgXHQiXV07CisgICAgICAgICAgICAg ICAgW2hlYWRlcnMgc2V0T2JqZWN0OltOU1N0cmluZyBzdHJpbmdXaXRoRm9ybWF0OkAiJUAgJUAi LCBvbGRWYWwsIG5ld1ZhbF0KKyAgICAgICAgICAgICAgICAgICAgICAgICAgICBmb3JLZXk6bGFz dEhlYWRlck5hbWVdOworICAgICAgICAgICAgICAgIGNvbnRpbnVlOworICAgICAgICAgICAgfQog CX0KIAogCU5TUmFuZ2UgY29sb25SYW5nZSA9IFtsaW5lIHJhbmdlT2ZTdHJpbmc6QCI6Il07CkBA IC05OSw3ICsxMDAsNyBAQCBib29sIEtXUVNlcnZlUmVxdWVzdChMb2FkZXIgKmxvYWRlciwgUmVx CiAJfQogICAgIH0KIAotICAgIE5TRGljdGlvbmFyeSAqZGljdGlvbmFyeSA9ICBbTlNEaWN0aW9u YXJ5IGRpY3Rpb25hcnlXaXRoRGljdGlvbmFyeTpoZWFkZXJzXTsKKyAgICBOU0RpY3Rpb25hcnkg KmRpY3Rpb25hcnkgPSBbTlNEaWN0aW9uYXJ5IGRpY3Rpb25hcnlXaXRoRGljdGlvbmFyeTpoZWFk ZXJzXTsKICAgICAKICAgICBbaGVhZGVycyByZWxlYXNlXTsKICAgICAK