Skip to content

Commit

Permalink
http: disable request smuggling via rempty headers
Browse files Browse the repository at this point in the history
PR-URL: nodejs-private/node-private#428
Refs: nodejs-private/node-private#427
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
CVE-ID: CVE-2023-30589
  • Loading branch information
ShogunPanda authored and RafaelGSS committed Jun 19, 2023
1 parent 7e3d2d8 commit 4ff6ba0
Show file tree
Hide file tree
Showing 5 changed files with 590 additions and 424 deletions.
2 changes: 1 addition & 1 deletion deps/llhttp/CMakeLists.txt
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
cmake_minimum_required(VERSION 3.5.1)
cmake_policy(SET CMP0069 NEW)

project(llhttp VERSION 6.0.10)
project(llhttp VERSION 6.0.11)
include(GNUInstallDirs)

set(CMAKE_C_STANDARD 99)
Expand Down
2 changes: 1 addition & 1 deletion deps/llhttp/include/llhttp.h
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@

#define LLHTTP_VERSION_MAJOR 6
#define LLHTTP_VERSION_MINOR 0
#define LLHTTP_VERSION_PATCH 10
#define LLHTTP_VERSION_PATCH 11

#ifndef LLHTTP_STRICT_MODE
# define LLHTTP_STRICT_MODE 0
Expand Down
11 changes: 10 additions & 1 deletion deps/llhttp/llhttp.gyp
Original file line number Diff line number Diff line change
@@ -1,4 +1,11 @@
{
'variables': {
'llhttp_sources': [
'src/llhttp.c',
'src/api.c',
'src/http.c',
]
},
'targets': [
{
'target_name': 'llhttp',
Expand All @@ -7,7 +14,9 @@
'direct_dependent_settings': {
'include_dirs': [ 'include' ],
},
'sources': [ 'src/llhttp.c', 'src/api.c', 'src/http.c' ],
'sources': [
'<@(llhttp_sources)',
],
},
]
}
Loading

0 comments on commit 4ff6ba0

Please sign in to comment.