Bug#1012263: marked as done (curl: Multi-line header support is broken)

Tue, 14 Jun 2022 10:36:25 -0700 

Your message dated Tue, 14 Jun 2022 17:33:58 +0000
with message-id <e1o1aqq-0002oz...@fasolo.debian.org>
and subject line Bug#1012263: fixed in curl 7.83.1-2
has caused the Debian Bug report #1012263,
regarding curl: Multi-line header support is broken
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1012263: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012263
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Package: curl
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu kinetic ubuntu-patch

Dear Maintainer,

In version 7.83.1, the support for multi-line headers is broken.
This causes autopkgtest regressions in python-tornado:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012224

In Ubuntu, the attached patch was applied to achieve the following:

  * Apply upstream patch to fix multi-line header support (LP: #1976619)

Thanks for considering the patch.


-- System Information:
Debian Release: bookworm/sid
  APT prefers jammy-updates
  APT policy: (500, 'jammy-updates'), (500, 'jammy-security'), (500, 'jammy'), 
(100, 'jammy-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.15.0-33-generic (SMP w/4 CPU threads)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

diff -Nru 
curl-7.83.1/debian/patches/12-http-restore-header-folding-behavior.patch 
curl-7.83.1/debian/patches/12-http-restore-header-folding-behavior.patch
--- curl-7.83.1/debian/patches/12-http-restore-header-folding-behavior.patch    
1970-01-01 01:00:00.000000000 +0100
+++ curl-7.83.1/debian/patches/12-http-restore-header-folding-behavior.patch    
2022-06-02 13:44:50.000000000 +0200
@@ -0,0 +1,268 @@
+Description: restore header folding behavior
+ Folded header lines will now get passed through like before. The headers
+ API is adapted and will get and provide the content "un-folded".
+ Added test 1274 and extended test 1940 to verify.
+Origin: upstream, https://github.com/curl/curl/pull/8899
+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/curl/+bug/1976619
+Applied-Upstream: 
https://github.com/curl/curl/commit/c9b60f005358a364cbcddbebd8d12593acffdd84
+Last-Update: 2022-06-02
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+Index: b/docs/libcurl/curl_easy_header.3
+===================================================================
+--- a/docs/libcurl/curl_easy_header.3  2022-06-02 13:39:23.698800691 +0200
++++ b/docs/libcurl/curl_easy_header.3  2022-06-02 13:39:23.694800445 +0200
+@@ -95,7 +95,9 @@
+ 
+ The data \fBvalue\fP field points to, comes exactly as delivered over the
+ network but with leading and trailing whitespace and newlines stripped
+-off. The `value` data is nul-terminated.
++off. The `value` data is nul-terminated. For legacy HTTP/1 "folded headers",
++this API provides the full single value in an unfolded manner with a single
++whitespace between the lines.
+ 
+ \fBamount\fP is how many headers using this name that exist, within the origin
+ and request scope asked for.
+Index: b/lib/headers.c
+===================================================================
+--- a/lib/headers.c    2022-06-02 13:39:23.698800691 +0200
++++ b/lib/headers.c    2022-06-02 13:39:23.694800445 +0200
+@@ -216,6 +216,54 @@
+   return CURLE_OK;
+ }
+ 
++static CURLcode append_value(struct Curl_easy *data, const char *value,
++                             size_t vlen)  /* length of the incoming header */
++{
++  struct Curl_header_store *hs;
++  struct Curl_header_store *newhs;
++  size_t olen; /* length of the old value */
++  size_t offset;
++  DEBUGASSERT(data->state.prevhead);
++  hs = data->state.prevhead;
++  olen = strlen(hs->value);
++  offset = hs->value - hs->buffer;
++
++  /* skip all trailing space letters */
++  while(vlen && ISSPACE(value[vlen - 1]))
++    vlen--;
++
++  /* save only one leading space */
++  while((vlen > 1) && ISSPACE(value[0]) && ISSPACE(value[1])) {
++    vlen--;
++    value++;
++  }
++
++  /* since this header block might move in the realloc below, it needs to
++     first be unlinked from the list and then re-added again after the
++     realloc */
++  Curl_llist_remove(&data->state.httphdrs, &hs->node, NULL);
++
++  newhs = Curl_saferealloc(hs, sizeof(*hs) + vlen + olen + 1);
++  if(!newhs)
++    return CURLE_OUT_OF_MEMORY;
++  /* ->name' and ->value point into ->buffer (to keep the header allocation
++     in a single memory block), which now potentially have moved. Adjust
++     them. */
++  newhs->name = newhs->buffer;
++  newhs->value = &newhs->buffer[offset];
++
++  /* put the data at the end of the previous data, not the newline */
++  memcpy(&newhs->value[olen], value, vlen);
++  newhs->value[olen + vlen] = 0; /* zero terminate at newline */
++
++  /* insert this node into the list of headers */
++  Curl_llist_insert_next(&data->state.httphdrs, data->state.httphdrs.tail,
++                         newhs, &newhs->node);
++  data->state.prevhead = newhs;
++  return CURLE_OK;
++}
++
++
+ /*
+  * Curl_headers_push() gets passed a full HTTP header to store. It gets called
+  * immediately before the header callback. The header is CRLF terminated.
+@@ -242,6 +290,10 @@
+   }
+   hlen = end - header + 1;
+ 
++  if((header[0] == ' ') || (header[0] == '\t'))
++    /* line folding, append value to the previous header's value */
++    return append_value(data, header, hlen);
++
+   hs = calloc(1, sizeof(*hs) + hlen);
+   if(!hs)
+     return CURLE_OUT_OF_MEMORY;
+@@ -260,7 +312,7 @@
+   /* insert this node into the list of headers */
+   Curl_llist_insert_next(&data->state.httphdrs, data->state.httphdrs.tail,
+                          hs, &hs->node);
+-
++  data->state.prevhead = hs;
+   return CURLE_OK;
+   fail:
+   free(hs);
+Index: b/lib/http.c
+===================================================================
+--- a/lib/http.c       2022-06-02 13:39:23.698800691 +0200
++++ b/lib/http.c       2022-06-02 13:39:23.698800691 +0200
+@@ -3799,11 +3799,16 @@
+   if(k->headerline < 2)
+     /* the first "header" is the status-line and it has no colon */
+     return CURLE_OK;
+-  ptr = memchr(header, ':', hlen);
+-  if(!ptr) {
+-    /* this is bad, bail out */
+-    failf(data, "Header without colon");
+-    return CURLE_WEIRD_SERVER_REPLY;
++  if(((header[0] == ' ') || (header[0] == '\t')) && k->headerline > 2)
++    /* line folding, can't happen on line 2 */
++    ;
++  else {
++    ptr = memchr(header, ':', hlen);
++    if(!ptr) {
++      /* this is bad, bail out */
++      failf(data, "Header without colon");
++      return CURLE_WEIRD_SERVER_REPLY;
++    }
+   }
+   return CURLE_OK;
+ }
+Index: b/lib/urldata.h
+===================================================================
+--- a/lib/urldata.h    2022-06-02 13:39:23.698800691 +0200
++++ b/lib/urldata.h    2022-06-02 13:39:23.698800691 +0200
+@@ -1425,6 +1425,7 @@
+                                  headers */
+   struct Curl_llist httphdrs; /* received headers */
+   struct curl_header headerout; /* for external purposes */
++  struct Curl_header_store *prevhead; /* the latest added header */
+ #endif
+   trailers_state trailers_state; /* whether we are sending trailers
+                                        and what stage are we at */
+Index: b/tests/data/Makefile.inc
+===================================================================
+--- a/tests/data/Makefile.inc  2022-06-02 13:39:23.698800691 +0200
++++ b/tests/data/Makefile.inc  2022-06-02 13:39:23.698800691 +0200
+@@ -160,7 +160,7 @@
+ test1248 test1249 test1250 test1251 test1252 test1253 test1254 test1255 \
+ test1256 test1257 test1258 test1259 test1260 test1261 test1262 test1263 \
+ test1264 test1265 test1266 test1267 test1268 test1269 test1270 test1271 \
+-test1272 test1273 \
++test1272 test1273 test1274 \
+ \
+ test1280 test1281 test1282 test1283 test1284 test1285 test1286 test1287 \
+ test1288 test1289 test1290 test1291 test1292 test1293 test1294 test1295 \
+Index: b/tests/data/test1274
+===================================================================
+--- /dev/null  1970-01-01 00:00:00.000000000 +0000
++++ b/tests/data/test1274      2022-06-02 13:39:23.698800691 +0200
+@@ -0,0 +1,65 @@
++<testcase>
++<info>
++<keywords>
++HTTP
++HTTP GET
++header line folding
++</keywords>
++</info>
++
++#
++# Server-side
++<reply>
++<data>
++HTTP/1.1 200 OK
++Date: Tue, 09 Nov 2010 14:49:00 GMT
++Server: test-server/
++ fake
++ folded
++Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT
++ETag: "21025-dc7-39462498"
++Content-Length: 6
++Connection: close
++
++-foo-
++</data>
++</reply>
++
++#
++# Client-side
++<client>
++<server>
++http
++</server>
++ <name>
++HTTP header line folding
++ </name>
++ <command>
++http://%HOSTIP:%HTTPPORT/%TESTNUMBER -D log/out%TESTNUMBER
++</command>
++</client>
++
++#
++# Verify data after the test has been "shot"
++<verify>
++<protocol>
++GET /%TESTNUMBER HTTP/1.1
++Host: %HOSTIP:%HTTPPORT
++User-Agent: curl/%VERSION
++Accept: */*
++
++</protocol>
++<file name="log/out%TESTNUMBER">
++HTTP/1.1 200 OK
++Date: Tue, 09 Nov 2010 14:49:00 GMT
++Server: test-server/
++ fake
++ folded
++Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT
++ETag: "21025-dc7-39462498"
++Content-Length: 6
++Connection: close
++
++</file>
++</verify>
++</testcase>
+Index: b/tests/data/test1940
+===================================================================
+--- a/tests/data/test1940      2022-06-02 13:39:23.698800691 +0200
++++ b/tests/data/test1940      2022-06-02 13:39:23.698800691 +0200
+@@ -12,6 +12,9 @@
+ Date: Thu, 09 Nov 2010 14:49:00 GMT
+ Server:       test with trailing space     
+ Content-Type: text/html
++Fold: is
++ folding a     
++   line
+ Content-Length: 0
+ Set-Cookie: onecookie=data;
+ Set-Cookie: secondcookie=2data;
+@@ -44,7 +47,7 @@
+ 
+ # Verify data after the test has been "shot"
+ <verify>
+-<stdout>
++<stdout mode="text">
+  Date == Thu, 09 Nov 2010 14:49:00 GMT
+  Server == test with trailing space
+  Content-Type == text/html
+@@ -53,6 +56,7 @@
+ - Set-Cookie == onecookie=data; (0/3)
+ - Set-Cookie == secondcookie=2data; (1/3)
+ - Set-Cookie == cookie3=data3; (2/3)
++ Fold == is folding a line
+ </stdout>
+ </verify>
+ </testcase>
+Index: b/tests/libtest/lib1940.c
+===================================================================
+--- a/tests/libtest/lib1940.c  2022-06-02 13:39:23.698800691 +0200
++++ b/tests/libtest/lib1940.c  2022-06-02 13:39:23.698800691 +0200
+@@ -32,6 +32,7 @@
+   "location",
+   "set-cookie",
+   "silly-thing",
++  "fold",
+   NULL
+ };
+ 
diff -Nru curl-7.83.1/debian/patches/series curl-7.83.1/debian/patches/series
--- curl-7.83.1/debian/patches/series   2022-05-11 18:46:48.000000000 +0200
+++ curl-7.83.1/debian/patches/series   2022-06-02 13:44:50.000000000 +0200
@@ -2,6 +2,7 @@
 06_always-disable-valgrind.patch
 08_enable-zsh.patch
 11_omit-directories-from-config.patch
+12-http-restore-header-folding-behavior.patch
 
 # do not add patches below
 90_gnutls.patch

--- End Message ---
--- Begin Message --- 
Source: curl
Source-Version: 7.83.1-2
Done: Samuel Henrique <samuel...@debian.org>

We believe that the bug you reported is fixed in the latest version of
curl, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1012...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Samuel Henrique <samuel...@debian.org> (supplier of updated curl package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 14 Jun 2022 18:05:23 +0100
Source: curl
Architecture: source
Version: 7.83.1-2
Distribution: unstable
Urgency: medium
Maintainer: Alessandro Ghedini <gh...@debian.org>
Changed-By: Samuel Henrique <samuel...@debian.org>
Closes: 1011696 1012263
Changes:
 curl (7.83.1-2) unstable; urgency=medium
 .
   * d/p/fix_multiline_header_regression.patch: New upstream patch to fix
     regression (closes: #1012263, #1011696)
Checksums-Sha1:
 c3c30e245c2bb7fc162dbb5edfd71594beb75b47 2959 curl_7.83.1-2.dsc
 02f5c0888708fac61538d97b6bdef0724dfcdfc7 38500 curl_7.83.1-2.debian.tar.xz
 80d25cb0fedd4d514b397b76a5fc85708db7971b 12860 curl_7.83.1-2_amd64.buildinfo
Checksums-Sha256:
 e95b7ae740c4261db6cee38533f25994a99f087db906a7092ee7dc3a12840110 2959 
curl_7.83.1-2.dsc
 c6fc59133a8ba1f03a82a713a1eaa3cc9ff7368b465588a95579b5979b7c8d07 38500 
curl_7.83.1-2.debian.tar.xz
 44b2f405733eed583cc5f78ecac4c972fb55d1a49b281504e8aa33a41ba20537 12860 
curl_7.83.1-2_amd64.buildinfo
Files:
 91cd2d1a0a71cfd75e2c7710f69f2035 2959 web optional curl_7.83.1-2.dsc
 4e31be4b01ec403d276aa877dcded1be 38500 web optional curl_7.83.1-2.debian.tar.xz
 bbd8b5dbac82b7d3c6016e73be977558 12860 web optional 
curl_7.83.1-2_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEBdtqg34QX0sdAsVfu6n6rcz7RwcFAmKow9kACgkQu6n6rcz7
RwfRAA/+K3BlU7YrD2BvVRo30pyOV/C2zDib7Z1a3aLTlOlfdMYmZ7vim/jVHQnj
TWNRMqgEPePVL/BnHfNRKgco5oYc9uluDVDuT4CH2tIRID/Su6cPz6Z+tCnGAWcE
M09eyChmGllIXFPAuHfNrh2Y6XDKXJHudhMzb+didKRJDkqjAdnn2R9Xh5aARe74
vg2M2Q+C6Jd1qwR06S+K2oFT85yeZDgm+Csp9VS/qvzVgZAVlFKVCnjxHPL0TNbL
hmd8vKrPhVM/FgoYQ/EW/yglcp1uv/Qku01oT6WnCrQra2fq5p2ZFZnM6TwIHTk5
6Z0yuz+Gq2qaa6Xq7nJkGMBUHN4N0Q4s64bMGSut7seK8JqZtMpEPSRcEFDYtMoV
Ul0J/ZkZhZk0902uZKu/NGeGw5E+KhGfuT49JSW2p+BX9o2EAiyz0EhTuAm1LlUC
tFDqN65DsASs8cUKBpaDIquE9rPal82al9Leg3HGvDcUmW7w48RGiRUs8memu2jo
kqPg/2p9jrDISis8iMbNymcgGxpC0y1qi+Nv0iCMoboWB3VkbE5Htti0eL+6NpSp
K/GJBbBPim7drFxqSJsG5wR3bYfMShfjOW6bb+4WTN78IulBF7U58kfMh7jiYedk
zXNCFfyEaJ1ULZT5nRUSnYj2WyMZ7FSOS1banE6PkgVZY14m4Lc=
=znPG
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to