Skip to content

Commit

Permalink
http: do not allow OBS fold in headers by default
Browse files Browse the repository at this point in the history
Reviewed-By: Matteo Collina <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Fixes: https://hackerone.com/reports/2237099
PR-URL: nodejs-private/node-private#556
CVE-ID: CVE-2024-27982
  • Loading branch information
ShogunPanda authored and marco-ippolito committed Apr 2, 2024
1 parent 3bd39fb commit 1a65e98
Show file tree
Hide file tree
Showing 7 changed files with 294 additions and 278 deletions.
1 change: 0 additions & 1 deletion deps/llhttp/.gitignore

This file was deleted.

2 changes: 1 addition & 1 deletion deps/llhttp/CMakeLists.txt
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
cmake_minimum_required(VERSION 3.5.1)
cmake_policy(SET CMP0069 NEW)

project(llhttp VERSION 9.2.0)
project(llhttp VERSION 9.2.1)
include(GNUInstallDirs)

set(CMAKE_C_STANDARD 99)
Expand Down
4 changes: 2 additions & 2 deletions deps/llhttp/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -397,7 +397,7 @@ With this flag this check is disabled.
Make sure you have [Node.js](https://nodejs.org/), npm and npx installed. Then under project directory run:
```sh
npm install
npm ci
make
```

Expand Down Expand Up @@ -451,7 +451,7 @@ _Note that using the git repo directly (e.g., via a git repo url and tag) will n

1. Ensure that `Clang` and `make` are in your system path.
2. Using Git Bash, clone the repo to your preferred location.
3. Cd into the cloned directory and run `npm install`
3. Cd into the cloned directory and run `npm ci`
5. Run `make`
6. Your `repo/build` directory should now have `libllhttp.a` and `libllhttp.so` static and dynamic libraries.
7. When building your executable, you can link to these libraries. Make sure to set the build folder as an include path when building so you can reference the declarations in `repo/build/llhttp.h`.
Expand Down
2 changes: 1 addition & 1 deletion deps/llhttp/include/llhttp.h
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@

#define LLHTTP_VERSION_MAJOR 9
#define LLHTTP_VERSION_MINOR 2
#define LLHTTP_VERSION_PATCH 0
#define LLHTTP_VERSION_PATCH 1

#ifndef INCLUDE_LLHTTP_ITSELF_H_
#define INCLUDE_LLHTTP_ITSELF_H_
Expand Down
Loading

0 comments on commit 1a65e98

Please sign in to comment.