Headline
CVE-2023-4540: http/h1_stream: handle EOF when `body_read_type==length` · daurnimator/lua-http@ddab283
Improper Handling of Exceptional Conditions vulnerability in Daurnimator HTTP Library for Lua allows Excessive Allocation. This issue affects HTTP Library for Lua: before commit ddab283.
@@ -295,6 +295,33 @@ describe("http1 stream", function()
server:close()
client:close()
end)
it("Doesn’t hang when a content-length delimited stream is closed", function()
local server, client = new_pair(1.1)
local cq = cqueues.new()
cq:wrap(function()
local stream = client:new_stream()
local headers = new_headers()
headers:append(":method", “GET”)
headers:append(":scheme", “http”)
headers:append(":authority", “myauthority”)
headers:append(":path", “/a”)
assert(stream:write_headers(headers, true))
end)
cq:wrap(function()
local stream = server:get_next_incoming_stream()
assert(stream:get_headers())
local res_headers = new_headers()
res_headers:append(":status", “200”)
res_headers:append("content-length", “100”)
assert(stream:write_headers(res_headers, false))
assert(stream:write_chunk("foo", false))
assert(stream:shutdown())
end)
assert_loop(cq, TEST_TIMEOUT)
assert.truthy(cq:empty())
server:close()
client:close()
end)
it("allows pipelining", function()
local server, client = new_pair(1.1)
local cq = cqueues.new()
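Review bot: The client coroutine in the new test only writes the request headers and never reads the response, so the client-side stream never enters the content-length-delimited read path that the commit title (`body_read_type==length`) names; as written, the test appears to exercise only the server's `write_chunk`/`shutdown` sequence, and it is not clear from the hunk that it would have hung before the fix. If the regression lives in the reader, add after the client's `write_headers` call `assert(stream:get_headers())` and `local body, err = stream:get_body_as_string()`, followed by an assertion on whatever outcome the fixed code produces for a body truncated at 3 of 100 bytes (an error return rather than a hang), so the test fails on the pre-fix behaviour and not merely on a timeout. The client stream is also never shut down before `client:close()`, which is worth a short comment if it is intentional. The enclosing `describe("http1 stream", ...)` block begins and ends outside this hunk.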