	fastcgi: Protect against requests with null bytes in the path (#4614)
		
							parent
							
								
									ab0455922a
								
							
						
					
					
						commit
						c8f2834b51
					
				| @ -110,6 +110,13 @@ func (t *Transport) Provision(ctx caddy.Context) error { | |||||||
| 
 | 
 | ||||||
| // RoundTrip implements http.RoundTripper. | // RoundTrip implements http.RoundTripper. | ||||||
| func (t Transport) RoundTrip(r *http.Request) (*http.Response, error) { | func (t Transport) RoundTrip(r *http.Request) (*http.Response, error) { | ||||||
|  | 	// Disallow null bytes in the request path, because | ||||||
|  | 	// PHP upstreams may do bad things, like execute a | ||||||
|  | 	// non-PHP file as PHP code. See #4574 | ||||||
|  | 	if strings.Contains(r.URL.Path, "\x00") { | ||||||
|  | 		return nil, caddyhttp.Error(http.StatusBadRequest, fmt.Errorf("invalid request path")) | ||||||
|  | 	} | ||||||
|  | 
 | ||||||
| 	env, err := t.buildEnv(r) | 	env, err := t.buildEnv(r) | ||||||
| 	if err != nil { | 	if err != nil { | ||||||
| 		return nil, fmt.Errorf("building environment: %v", err) | 		return nil, fmt.Errorf("building environment: %v", err) | ||||||
|  | |||||||
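Review bot: The new guard at the top of RoundTrip inspects only `r.URL.Path`, while the values the PHP upstream actually acts on are assembled by `t.buildEnv(r)`, which is outside this hunk. If buildEnv derives the script filename or path info from anything other than that decoded path (a configured root or env value with placeholders expanded, for instance; I cannot confirm that from here), a null byte arriving that way would not be rejected. Either repeat the check on the final path values inside buildEnv, or state the assumption next to the guard, e.g. `// Only r.URL.Path is checked here; buildEnv must not build script paths from other request-controlled input.` No regression test for the 400 response is visible on this page, and one would keep the guard from being dropped in a later refactor. Minor style point: the message has no format verbs, so `errors.New("invalid request path")` would do if `errors` is already imported. RoundTrip's body continues past the end of the hunk.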