Fix output '\n' HTTP field line endings

Origin: upstream
Applied-Upstream: https://github.com/apache/trafficserver/commit/5cad961c87cb07fbb8fa6890685d9878a169378d
Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
Last-Update: 2022-05-21

This is another attempt to fix what was initially addressed in #8096 but
got backed out via #8305. That more extensive patch was considered too
invasive and potentially risky.  This more targeted patch will fix
clients that only send the \n endings but it will force the \r\n line
ending on output.
This was mostly in place except for header lines that get
m_n_v_raw_printable set, which seems to be most header lines. The
addition checks to see if the header line ends in \r\n. If it does not
the m_n_v_raw_printable flag gets cleared and the logic that explicitly
adds the line endings while be invoked on output.
Last-Update: 2022-05-21
Gbp-Pq: Name 0019-CVE_2021_37147.patch

diff --git a/proxy/hdrs/MIME.cc b/proxy/hdrs/MIME.cc
index 35a1159b71981b01f860fcd6a32dd8d051a7ca14..926564388d64f7cb3eb6af44a0eff43b43eb78e3 100644 (file)
--- a/proxy/hdrs/MIME.cc
+++ b/proxy/hdrs/MIME.cc
@@ -2652,8 +2652,17 @@ mime_parser_parse(MIMEParser *parser, HdrHeap *heap, MIMEHdrImpl *mh, const char
 
     // find_value_last
     field_value_last = line_e - 1;
+    int suffix_count = 0;
     while ((field_value_last >= field_value_first) && ParseRules::is_wslfcr(*field_value_last)) {
       --field_value_last;
+      ++suffix_count;
+    }
+
+    // Make sure the field ends in CRLF. If not, we'll fix the field via the n_v_raw_printable
+    // flag.
+    bool raw_print_field = true;
+    if (suffix_count < 2 || *(line_e - 2) != '\r' || *(line_e - 1) != '\n') {
+      raw_print_field = false;
     }
 
     field_name_length  = (int)(field_name_last - field_name_first + 1);
@@ -2690,7 +2699,7 @@ mime_parser_parse(MIMEParser *parser, HdrHeap *heap, MIMEHdrImpl *mh, const char
 
     MIMEField *field = mime_field_create(heap, mh);
     mime_field_name_value_set(heap, mh, field, field_name_wks_idx, field_name_first, field_name_length, field_value_first,
-                              field_value_length, true, total_line_length, false);
+                              field_value_length, raw_print_field, total_line_length, false);
     mime_hdr_field_attach(mh, field, 1, nullptr);
   }
 }