From 0f7f51fbe0da5b6bd38d6a392280af4a5ff80fa0 Mon Sep 17 00:00:00 2001 From: Willy Tarreau Date: Mon, 30 Aug 2010 11:06:34 +0200 Subject: [PATCH] [BUG] http: don't consider commas as a header delimitor within quotes The header parser has a bug which causes commas to be matched within quotes while it was not expected. The way the code was written could make one think it was OK. The resulting effect is that the following config would use the second IP address instead of the third when facing this request : source 0.0.0.0 usesrc hdr_ip(X-Forwarded-For,2) GET / HTTP/1.0 X-Forwarded-for: "127.0.0.1, 127.0.0.2", 127.0.0.3 This fix must be backported to 1.4 and 1.3. --- src/proto_http.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/proto_http.c b/src/proto_http.c index 865eaa494..f8b46f661 100644 --- a/src/proto_http.c +++ b/src/proto_http.c @@ -475,8 +475,10 @@ char *find_hdr_value_end(char *s, const char *e) quoted = qdpair = 0; for (; s < e; s++) { if (qdpair) qdpair = 0; - else if (quoted && *s == '\\') qdpair = 1; - else if (quoted && *s == '"') quoted = 0; + else if (quoted) { + if (*s == '\\') qdpair = 1; + else if (*s == '"') quoted = 0; + } else if (*s == '"') quoted = 1; else if (*s == ',') return s; }