Add some reasonable limits to cookie parsing, reduce impact of possible attack

2025-05-09 02:05:37 +00:00 · 2023-01-06 19:02:20 +11:00
parent 9c17d5b8fc
commit b593be8627
1 changed files with 8 additions and 1 deletions
--- a/src/libs/cookie.lua
+++ b/src/libs/cookie.lua
@ -11,11 +11,12 @@ local SEMICOLON     = byte(";")
 local SPACE         = byte(" ")
 local HTAB          = byte("\t")

+local MAX_LEN       = 10 * 1024 -- in case you are a dumbass and set a high tune.maxrewrite
+local MAX_COOKIES   = 100

 local _M = {}
 _M._VERSION = '0.01'

-
 function _M.get_cookie_table(text_cookie)
    if type(text_cookie) ~= "string" then
        return {}
@ -27,10 +28,16 @@ function _M.get_cookie_table(text_cookie)

    local n = 0
    local len = #text_cookie
+    if len > MAX_LEN then
+        return {}
+    end

    for i=1, len do
        if byte(text_cookie, i) == SEMICOLON then
            n = n + 1
+            if n > MAX_COOKIES then
+                return {}
+            end
        end
    end