From 2ef45c5247525ff1fe810bfb5db11842e13eb1f6 Mon Sep 17 00:00:00 2001 From: Sergey Beryozkin Date: Tue, 31 Jan 2023 19:25:11 +0000 Subject: [PATCH] Update ForwardedParser to validate the port --- .../quarkus/vertx/http/ForwardedForHeaderTest.java | 13 +++++++++++++ .../quarkus/vertx/http/runtime/ForwardedParser.java | 13 +++++++++++-- 2 files changed, 24 insertions(+), 2 deletions(-) diff --git a/extensions/vertx-http/deployment/src/test/java/io/quarkus/vertx/http/ForwardedForHeaderTest.java b/extensions/vertx-http/deployment/src/test/java/io/quarkus/vertx/http/ForwardedForHeaderTest.java index d06e24b4066db..162fcdcabe34b 100644 --- a/extensions/vertx-http/deployment/src/test/java/io/quarkus/vertx/http/ForwardedForHeaderTest.java +++ b/extensions/vertx-http/deployment/src/test/java/io/quarkus/vertx/http/ForwardedForHeaderTest.java @@ -32,6 +32,19 @@ public void test() { .body(Matchers.equalTo("https|somehost|backend:4444")); } + @Test + public void testInvalidPort() { + assertThat(RestAssured.get("/forward").asString()).startsWith("http|"); + + RestAssured.given().header("X-Forwarded-Proto", "https").header("X-Forwarded-For", "backend:-4444") + .header("X-Forwarded-Host", "somehost").get("/forward").then() + .body(Matchers.not(Matchers.endsWith(":44444444"))); + + RestAssured.given().header("X-Forwarded-Proto", "https").header("X-Forwarded-For", "backend:-4444") + .header("X-Forwarded-Host", "somehost").get("/forward").then() + .body(Matchers.not(Matchers.endsWith(":44444444"))); + } + @Test public void testIPV4WithPort() { assertThat(RestAssured.get("/forward").asString()).startsWith("http|"); diff --git a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/ForwardedParser.java b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/ForwardedParser.java index c428050791f61..09ec83ecdab0f 100644 --- a/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/ForwardedParser.java 
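Review bot: The new `testInvalidPort` does not pin the fix: with `X-Forwarded-For: backend:-4444` the pre-patch parser would emit a body ending in `:-4444`, never `:44444444`, so `Matchers.not(Matchers.endsWith(":44444444"))` passes with or without the range check, and the two `RestAssured.given()` requests are byte-identical copies. Assert the positive outcome instead, e.g. `.body(Matchers.equalTo("https|somehost|backend:" + <the test server's port>))` (the default port is not visible in this hunk; at minimum `.body(Matchers.not(Matchers.endsWith(":-4444")))`), and make the second request cover the upper bound with `backend:65536` rather than repeating the first. A third case with a non-numeric port such as `backend:abc` would exercise the `NumberFormatException` branch that the patch also touches. The hunk's trailing context line belongs to `testIPV4WithPort`, whose body continues outside the hunk.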
+++ b/extensions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/ForwardedParser.java @@ -45,6 +45,9 @@ class ForwardedParser { private static final Pattern FORWARDED_PROTO_PATTERN = Pattern.compile("proto=\"?([^;,\"]+)\"?"); private static final Pattern FORWARDED_FOR_PATTERN = Pattern.compile("for=\"?([^;,\"]+)\"?"); + private final static int PORT_MIN_VALID_VALUE = 0; + private final static int PORT_MAX_VALID_VALUE = 65535; + private final HttpServerRequest delegate; private final ForwardingProxyOptions forwardingProxyOptions; private final TrustedProxyCheck trustedProxyCheck; @@ -226,9 +229,15 @@ private String[] parseHostAndPort(String hostToParse) { private int parsePort(String portToParse, int defaultPort) { if (portToParse != null && portToParse.length() > 0) { try { - return Integer.parseInt(portToParse); + int port = Integer.parseInt(portToParse); + if (port < PORT_MIN_VALID_VALUE || port > PORT_MAX_VALID_VALUE) { + log.errorf("Failed to validate a port from \"forwarded\"-type headers, using the default port %d", + defaultPort); + return defaultPort; + } + return port; } catch (NumberFormatException ignored) { - log.error("Failed to parse a port from \"forwarded\"-type headers."); + log.errorf("Failed to parse a port from \"forwarded\"-type headers, using the default port %d", defaultPort); } } return defaultPort;
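Review bot: The two new constants are declared `private final static int`, which reverses the conventional modifier order; the neighbouring `FORWARDED_PROTO_PATTERN` and `FORWARDED_FOR_PATTERN` fields in the same hunk use `private static final`, so `private static final int PORT_MIN_VALID_VALUE = 0;` and `private static final int PORT_MAX_VALID_VALUE = 65535;` would match the file. Since most port validators start at 1, a one-line comment stating that 0 is accepted on purpose (if it is) would stop the next reader from "fixing" it. The class body continues outside the hunk.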
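Review bot: Both `log.errorf` calls in `parsePort` fire at ERROR level on every request whose forwarded header carries an unparseable or out-of-range port, and that value is client-supplied — a trusted proxy forwards the header, it does not normally validate its contents — so a remote caller can fill the error log at line rate; `log.warnf` (or `log.debugf`) is the usual level for input-validation failures, and the messages should keep omitting the raw header value as they do now so no attacker-controlled text reaches the log. Separately, `PORT_MIN_VALID_VALUE = 0` lets `host:0` through as a valid forwarded port; whether 0 should be rejected like the negative case depends on what the rebuilt authority is used for downstream, which is not visible here. Note also that `Integer.parseInt` accepts a leading `+` and non-ASCII decimal digits, so `+4444` and fullwidth digits normalise to 4444 before the range check — harmless for the resulting int, but worth a comment (or a `[0-9]{1,5}` pre-check) so the behaviour is deliberate rather than incidental.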