Skip to content

Commit b2cc0fe

Browse files
neildneild
committed
net/http: preserve nil values in Header.Clone
ReverseProxy makes a distinction between nil and zero-length header values. Avoid losing nil-ness when cloning a request. Thanks to Christian Mehlmauer for discovering this. Fixes #53423 Fixes CVE-2022-32148 Change-Id: Ice369cdb4712e2d62e25bb881b080847aa4801f5 Reviewed-on: https://go-review.googlesource.com/c/go/+/412857 Reviewed-by: Ian Lance Taylor <[email protected]> Reviewed-by: Brad Fitzpatrick <[email protected]>
1 parent 64ef16e commit b2cc0fe

2 files changed

Lines changed: 11 additions & 0 deletions

File tree

src/net/http/header.go

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -103,6 +103,12 @@ func (h Header) Clone() Header {
103103
sv := make([]string, nv) // shared backing array for headers' values
104104
h2 := make(Header, len(h))
105105
for k, vv := range h {
106+
if vv == nil {
107+
// Preserve nil values. ReverseProxy distinguishes
108+
// between nil and zero-length header values.
109+
h2[k] = nil
110+
continue
111+
}
106112
n := copy(sv, vv)
107113
h2[k] = sv[:n:n]
108114
sv = sv[n:]

src/net/http/header_test.go

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -248,6 +248,11 @@ func TestCloneOrMakeHeader(t *testing.T) {
248248
in: Header{"foo": {"bar"}},
249249
want: Header{"foo": {"bar"}},
250250
},
251+
{
252+
name: "nil value",
253+
in: Header{"foo": nil},
254+
want: Header{"foo": nil},
255+
},
251256
}
252257

253258
for _, tt := range tests {

0 commit comments

Comments
 (0)