Validate header fields.

fabianfett · fabianfett · commit 2828a227c565 · 2022-03-09T16:07:41.000+01:00
diff --git a/Sources/AWSLambdaRuntimeCore/ControlPlaneResponseDecoder.swift b/Sources/AWSLambdaRuntimeCore/ControlPlaneResponseDecoder.swift
@@ -331,7 +331,39 @@ struct ControlPlaneResponseDecoder: NIOSingleStepByteToMessageDecoder {
             }
 
         default:
-            return .ignore
+            // Ensure we received a valid http header:
+            break // fallthrough
+        }
+        
+        // We received a header we didn't expect, let's ensure it is valid.
+        let satisfy = buffer.readableBytesView[0..<colonIndex].allSatisfy { char -> Bool in
+            switch char {
+            case UInt8(ascii: "a")...UInt8(ascii: "z"),
+                 UInt8(ascii: "A")...UInt8(ascii: "Z"),
+                 UInt8(ascii: "0")...UInt8(ascii: "9"),
+                 UInt8(ascii: "!"),
+                 UInt8(ascii: "#"),
+                 UInt8(ascii: "$"),
+                 UInt8(ascii: "%"),
+                 UInt8(ascii: "&"),
+                 UInt8(ascii: "'"),
+                 UInt8(ascii: "*"),
+                 UInt8(ascii: "+"),
+                 UInt8(ascii: "-"),
+                 UInt8(ascii: "."),
+                 UInt8(ascii: "^"),
+                 UInt8(ascii: "_"),
+                 UInt8(ascii: "`"),
+                 UInt8(ascii: "|"),
+                 UInt8(ascii: "~"):
+                return true
+            default:
+                return false
+            }
+        }
+        
+        guard satisfy else {
+            throw LambdaRuntimeError.responseHeadHeaderInvalidCharacter
         }
 
         return .ignore
diff --git a/Sources/AWSLambdaRuntimeCore/LambdaRuntimeError.swift b/Sources/AWSLambdaRuntimeCore/LambdaRuntimeError.swift
@@ -20,6 +20,7 @@ struct LambdaRuntimeError: Error, Hashable {
         case responseHeadInvalidStatusLine
         case responseHeadMissingContentLengthOrTransferEncodingChunked
         case responseHeadMoreThan256BytesBeforeCRLF
+        case responseHeadHeaderInvalidCharacter
         case responseHeadHeaderMissingColon
         case responseHeadHeaderMissingFieldValue
         case responseHeadInvalidHeader
@@ -48,6 +49,7 @@ struct LambdaRuntimeError: Error, Hashable {
     static var responseHeadMissingContentLengthOrTransferEncodingChunked =
         LambdaRuntimeError(.responseHeadMissingContentLengthOrTransferEncodingChunked)
     static var responseHeadMoreThan256BytesBeforeCRLF = LambdaRuntimeError(.responseHeadMoreThan256BytesBeforeCRLF)
+    static var responseHeadHeaderInvalidCharacter = LambdaRuntimeError(.responseHeadHeaderInvalidCharacter)
     static var responseHeadHeaderMissingColon = LambdaRuntimeError(.responseHeadHeaderMissingColon)
     static var responseHeadHeaderMissingFieldValue = LambdaRuntimeError(.responseHeadHeaderMissingFieldValue)
     static var responseHeadInvalidHeader = LambdaRuntimeError(.responseHeadInvalidHeader)
diff --git a/Tests/AWSLambdaRuntimeCoreTests/ControlPlaneResponseDecoderTests.swift b/Tests/AWSLambdaRuntimeCoreTests/ControlPlaneResponseDecoderTests.swift
@@ -63,6 +63,33 @@ final class ControlPlaneResponseDecoderTests: XCTestCase {
             decoderFactory: { ControlPlaneResponseDecoder() }
         ))
     }
+    
+    func testWhitespaceInHeaderIsRejected() {
+        let nextResponse = ByteBuffer(string: """
+            HTTP/1.1 200 OK\r\n\
+            Content-Type: application/json\r\n\
+            Lambda-Runtime Aws-Request-Id: 9028dc49-a01b-4b44-8ffe-4912e9dabbbd\r\n\
+            Lambda-Runtime-Deadline-Ms: 1638392696671\r\n\
+            Lambda-Runtime-Invoked-Function-Arn: arn:aws:lambda:eu-central-1:079477498937:function:lambda-log-http-HelloWorldLambda-NiDlzMFXtF3x\r\n\
+            Lambda-Runtime-Trace-Id: Root=1-61a7e375-40b3edf95b388fe75d1fa416;Parent=348bb48e251c1254;Sampled=0\r\n\
+            Date: Wed, 01 Dec 2021 21:04:53 GMT\r\n\
+            Content-Length: 49\r\n\
+            \r\n\
+            {"name":"Fabian","key2":"value2","key3":"value3"}
+            """
+        )
+
+        let pairs: [(ByteBuffer, [ControlPlaneResponse])] = [
+            (nextResponse, [])
+        ]
+
+        XCTAssertThrowsError(try ByteToMessageDecoderVerifier.verifyDecoder(
+            inputOutputPairs: pairs,
+            decoderFactory: { ControlPlaneResponseDecoder() }
+        )) {
+            XCTAssertEqual($0 as? LambdaRuntimeError, .responseHeadHeaderInvalidCharacter)
+        }
+    }
 }
 
 extension ByteBuffer {
