From 5d1b28c52cef23ebc1a688e578b45b4a52de5b7f Mon Sep 17 00:00:00 2001
From: Brian Neradt <brian.neradt@gmail.com>
Date: Sat, 21 May 2022 18:28:31 +0100
Subject: [PATCH] Fix output '\n' HTTP field line endings

Origin: upstream
Applied-Upstream: https://github.com/apache/trafficserver/commit/5cad961c87cb07fbb8fa6890685d9878a169378d
Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
Last-Update: 2022-05-21

This is another attempt to fix what was initially addressed in #8096 but
got backed out via #8305. That more extensive patch was considered too
invasive and potentially risky.  This more targeted patch will fix
clients that only send the \n endings but it will force the \r\n line
ending on output.
This was mostly in place except for header lines that get
m_n_v_raw_printable set, which seems to be most header lines. The
addition checks to see if the header line ends in \r\n. If it does not
the m_n_v_raw_printable flag gets cleared and the logic that explicitly
adds the line endings while be invoked on output.
Last-Update: 2022-05-21
Gbp-Pq: Name 0019-CVE_2021_37147.patch
---
 proxy/hdrs/MIME.cc | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/proxy/hdrs/MIME.cc b/proxy/hdrs/MIME.cc
index 35a1159b..92656438 100644
--- a/proxy/hdrs/MIME.cc
+++ b/proxy/hdrs/MIME.cc
@@ -2652,8 +2652,17 @@ mime_parser_parse(MIMEParser *parser, HdrHeap *heap, MIMEHdrImpl *mh, const char
 
     // find_value_last
     field_value_last = line_e - 1;
+    int suffix_count = 0;
     while ((field_value_last >= field_value_first) && ParseRules::is_wslfcr(*field_value_last)) {
       --field_value_last;
+      ++suffix_count;
+    }
+
+    // Make sure the field ends in CRLF. If not, we'll fix the field via the n_v_raw_printable
+    // flag.
+    bool raw_print_field = true;
+    if (suffix_count < 2 || *(line_e - 2) != '\r' || *(line_e - 1) != '\n') {
+      raw_print_field = false;
     }
 
     field_name_length  = (int)(field_name_last - field_name_first + 1);
@@ -2690,7 +2699,7 @@ mime_parser_parse(MIMEParser *parser, HdrHeap *heap, MIMEHdrImpl *mh, const char
 
     MIMEField *field = mime_field_create(heap, mh);
     mime_field_name_value_set(heap, mh, field, field_name_wks_idx, field_name_first, field_name_length, field_value_first,
-                              field_value_length, true, total_line_length, false);
+                              field_value_length, raw_print_field, total_line_length, false);
     mime_hdr_field_attach(mh, field, 1, nullptr);
   }
 }
-- 
2.30.2