update llhttp to v 9.1.3

2026-04-14 00:04:13 +09:00 · 2023-12-02 11:48:09 -05:00
parent e9da98f428
commit 3898c2d013
4 changed files with 1774 additions and 10203 deletions
--- a/lib/llhttp/api.c
+++ b/lib/llhttp/api.c
@@ -126,7 +126,7 @@ void llhttp_reset(llhttp_t* parser) {
  llhttp_type_t type = parser->type;
  const llhttp_settings_t* settings = parser->settings;
  void* data = parser->data;
-  uint8_t lenient_flags = parser->lenient_flags;
+  uint16_t lenient_flags = parser->lenient_flags;

  llhttp__internal_init(parser);

@@ -283,6 +283,54 @@ void llhttp_set_lenient_transfer_encoding(llhttp_t* parser, int enabled) {
  }
 }

+void llhttp_set_lenient_version(llhttp_t* parser, int enabled) {
+  if (enabled) {
+    parser->lenient_flags |= LENIENT_VERSION;
+  } else {
+    parser->lenient_flags &= ~LENIENT_VERSION;
+  }
+}
+
+void llhttp_set_lenient_data_after_close(llhttp_t* parser, int enabled) {
+  if (enabled) {
+    parser->lenient_flags |= LENIENT_DATA_AFTER_CLOSE;
+  } else {
+    parser->lenient_flags &= ~LENIENT_DATA_AFTER_CLOSE;
+  }
+}
+
+void llhttp_set_lenient_optional_lf_after_cr(llhttp_t* parser, int enabled) {
+  if (enabled) {
+    parser->lenient_flags |= LENIENT_OPTIONAL_LF_AFTER_CR;
+  } else {
+    parser->lenient_flags &= ~LENIENT_OPTIONAL_LF_AFTER_CR;
+  }
+}
+
+void llhttp_set_lenient_optional_crlf_after_chunk(llhttp_t* parser, int enabled) {
+  if (enabled) {
+    parser->lenient_flags |= LENIENT_OPTIONAL_CRLF_AFTER_CHUNK;
+  } else {
+    parser->lenient_flags &= ~LENIENT_OPTIONAL_CRLF_AFTER_CHUNK;
+  }
+}
+
+void llhttp_set_lenient_optional_cr_before_lf(llhttp_t* parser, int enabled) {
+  if (enabled) {
+    parser->lenient_flags |= LENIENT_OPTIONAL_CR_BEFORE_LF;
+  } else {
+    parser->lenient_flags &= ~LENIENT_OPTIONAL_CR_BEFORE_LF;
+  }
+}
+
+void llhttp_set_lenient_spaces_after_chunk_size(llhttp_t* parser, int enabled) {
+  if (enabled) {
+    parser->lenient_flags |= LENIENT_SPACES_AFTER_CHUNK_SIZE;
+  } else {
+    parser->lenient_flags &= ~LENIENT_SPACES_AFTER_CHUNK_SIZE;
+  }
+}
+
 /* Callbacks */


--- a/lib/llhttp/http.c
+++ b/lib/llhttp/http.c
@@ -39,13 +39,33 @@ int llhttp__after_headers_complete(llhttp_t* parser, const char* p,
  int hasBody;

  hasBody = parser->flags & F_CHUNKED || parser->content_length > 0;
-  if (parser->upgrade && (parser->method == HTTP_CONNECT ||
-                          (parser->flags & F_SKIPBODY) || !hasBody)) {
+  if (
+      (parser->upgrade && (parser->method == HTTP_CONNECT ||
+                          (parser->flags & F_SKIPBODY) || !hasBody)) ||
+      /* See RFC 2616 section 4.4 - 1xx e.g. Continue */
+      (parser->type == HTTP_RESPONSE && parser->status_code == 101)
+  ) {
    /* Exit, the rest of the message is in a different protocol. */
    return 1;
  }

-  if (parser->flags & F_SKIPBODY) {
+  if (parser->type == HTTP_RESPONSE && parser->status_code == 100) {
+    /* No body, restart as the message is complete */
+    return 0;
+  }
+
+  /* See RFC 2616 section 4.4 */
+  if (
+    parser->flags & F_SKIPBODY ||         /* response to a HEAD request */
+    (
+      parser->type == HTTP_RESPONSE && (
+        parser->status_code == 102 ||     /* Processing */
+        parser->status_code == 103 ||     /* Early Hints */
+        parser->status_code == 204 ||     /* No Content */
+        parser->status_code == 304        /* Not Modified */
+      )
+    )
+  ) {
    return 0;
  } else if (parser->flags & F_CHUNKED) {
    /* chunked encoding - ignore Content-Length header, prepare for a chunk */
--- a/lib/llhttp/llhttp.c
+++ b/lib/llhttp/llhttp.c
--- a/lib/llhttp/llhttp.h
+++ b/lib/llhttp/llhttp.h
@@ -1,13 +1,10 @@
+
 #ifndef INCLUDE_LLHTTP_H_
 #define INCLUDE_LLHTTP_H_

-#define LLHTTP_VERSION_MAJOR 8
+#define LLHTTP_VERSION_MAJOR 9
 #define LLHTTP_VERSION_MINOR 1
-#define LLHTTP_VERSION_PATCH 1
-
-#ifndef LLHTTP_STRICT_MODE
-# define LLHTTP_STRICT_MODE 0
-#endif
+#define LLHTTP_VERSION_PATCH 3

 #ifndef INCLUDE_LLHTTP_ITSELF_H_
 #define INCLUDE_LLHTTP_ITSELF_H_
@@ -33,7 +30,7 @@ struct llhttp__internal_s {
  uint8_t http_major;
  uint8_t http_minor;
  uint8_t header_state;
-  uint8_t lenient_flags;
+  uint16_t lenient_flags;
  uint8_t upgrade;
  uint8_t finish;
  uint16_t flags;
@@ -50,6 +47,7 @@ int llhttp__internal_execute(llhttp__internal_t* s, const char* p, const char* e
 #endif
 #endif  /* INCLUDE_LLHTTP_ITSELF_H_ */

+
 #ifndef LLLLHTTP_C_HEADERS_
 #define LLLLHTTP_C_HEADERS_
 #ifdef __cplusplus
@@ -114,7 +112,12 @@ enum llhttp_lenient_flags {
  LENIENT_CHUNKED_LENGTH = 0x2,
  LENIENT_KEEP_ALIVE = 0x4,
  LENIENT_TRANSFER_ENCODING = 0x8,
-  LENIENT_VERSION = 0x10
+  LENIENT_VERSION = 0x10,
+  LENIENT_DATA_AFTER_CLOSE = 0x20,
+  LENIENT_OPTIONAL_LF_AFTER_CR = 0x40,
+  LENIENT_OPTIONAL_CRLF_AFTER_CHUNK = 0x80,
+  LENIENT_OPTIONAL_CR_BEFORE_LF = 0x100,
+  LENIENT_SPACES_AFTER_CHUNK_SIZE = 0x200
 };
 typedef enum llhttp_lenient_flags llhttp_lenient_flags_t;

@@ -534,6 +537,7 @@ typedef enum llhttp_status llhttp_status_t;
 #endif
 #endif  /* LLLLHTTP_C_HEADERS_ */

+
 #ifndef INCLUDE_LLHTTP_API_H_
 #define INCLUDE_LLHTTP_API_H_
 #ifdef __cplusplus
@@ -759,7 +763,8 @@ const char* llhttp_status_name(llhttp_status_t status);
 * `HPE_INVALID_HEADER_TOKEN` will be raised for incorrect header values when
 * lenient parsing is "on".
 *
- * **(USE AT YOUR OWN RISK)**
+ * **Enabling this flag can pose a security issue since you will be exposed to
+ * request smuggling attacks. USE WITH CAUTION!**
 */
 LLHTTP_EXPORT
 void llhttp_set_lenient_headers(llhttp_t* parser, int enabled);
@@ -773,7 +778,8 @@ void llhttp_set_lenient_headers(llhttp_t* parser, int enabled);
 * request smuggling, but may be less desirable for small number of cases
 * involving legacy servers.
 *
- * **(USE AT YOUR OWN RISK)**
+ * **Enabling this flag can pose a security issue since you will be exposed to
+ * request smuggling attacks. USE WITH CAUTION!**
 */
 LLHTTP_EXPORT
 void llhttp_set_lenient_chunked_length(llhttp_t* parser, int enabled);
@@ -788,7 +794,8 @@ void llhttp_set_lenient_chunked_length(llhttp_t* parser, int enabled);
 * but might interact badly with outdated and insecure clients. With this flag
 * the extra request/response will be parsed normally.
 *
- * **(USE AT YOUR OWN RISK)**
+ * **Enabling this flag can pose a security issue since you will be exposed to
+ * poisoning attacks. USE WITH CAUTION!**
 */
 LLHTTP_EXPORT
 void llhttp_set_lenient_keep_alive(llhttp_t* parser, int enabled);
@@ -802,14 +809,90 @@ void llhttp_set_lenient_keep_alive(llhttp_t* parser, int enabled);
 * avoid request smuggling.
 * With this flag the extra value will be parsed normally.
 *
- * **(USE AT YOUR OWN RISK)**
+ * **Enabling this flag can pose a security issue since you will be exposed to
+ * request smuggling attacks. USE WITH CAUTION!**
 */
 LLHTTP_EXPORT
 void llhttp_set_lenient_transfer_encoding(llhttp_t* parser, int enabled);

+/* Enables/disables lenient handling of HTTP version.
+ *
+ * Normally `llhttp` would error when the HTTP version in the request or status line
+ * is not `0.9`, `1.0`, `1.1` or `2.0`.
+ * With this flag the invalid value will be parsed normally.
+ *
+ * **Enabling this flag can pose a security issue since you will allow unsupported
+ * HTTP versions. USE WITH CAUTION!**
+ */
+LLHTTP_EXPORT
+void llhttp_set_lenient_version(llhttp_t* parser, int enabled);
+
+/* Enables/disables lenient handling of additional data received after a message ends
+ * and keep-alive is disabled.
+ *
+ * Normally `llhttp` would error when additional unexpected data is received if the message
+ * contains the `Connection` header with `close` value.
+ * With this flag the extra data will discarded without throwing an error.
+ *
+ * **Enabling this flag can pose a security issue since you will be exposed to
+ * poisoning attacks. USE WITH CAUTION!**
+ */
+LLHTTP_EXPORT
+void llhttp_set_lenient_data_after_close(llhttp_t* parser, int enabled);
+
+/* Enables/disables lenient handling of incomplete CRLF sequences.
+ *
+ * Normally `llhttp` would error when a CR is not followed by LF when terminating the
+ * request line, the status line, the headers or a chunk header.
+ * With this flag only a CR is required to terminate such sections.
+ *
+ * **Enabling this flag can pose a security issue since you will be exposed to
+ * request smuggling attacks. USE WITH CAUTION!**
+ */
+LLHTTP_EXPORT
+void llhttp_set_lenient_optional_lf_after_cr(llhttp_t* parser, int enabled);
+
+/*
+ * Enables/disables lenient handling of line separators.
+ *
+ * Normally `llhttp` would error when a LF is not preceded by CR when terminating the
+ * request line, the status line, the headers, a chunk header or a chunk data.
+ * With this flag only a LF is required to terminate such sections.
+ *
+ * **Enabling this flag can pose a security issue since you will be exposed to
+ * request smuggling attacks. USE WITH CAUTION!**
+ */
+LLHTTP_EXPORT
+void llhttp_set_lenient_optional_cr_before_lf(llhttp_t* parser, int enabled);
+
+/* Enables/disables lenient handling of chunks not separated via CRLF.
+ *
+ * Normally `llhttp` would error when after a chunk data a CRLF is missing before
+ * starting a new chunk.
+ * With this flag the new chunk can start immediately after the previous one.
+ *
+ * **Enabling this flag can pose a security issue since you will be exposed to
+ * request smuggling attacks. USE WITH CAUTION!**
+ */
+LLHTTP_EXPORT
+void llhttp_set_lenient_optional_crlf_after_chunk(llhttp_t* parser, int enabled);
+
+/* Enables/disables lenient handling of spaces after chunk size.
+ *
+ * Normally `llhttp` would error when after a chunk size is followed by one or more
+ * spaces are present instead of a CRLF or `;`.
+ * With this flag this check is disabled.
+ *
+ * **Enabling this flag can pose a security issue since you will be exposed to
+ * request smuggling attacks. USE WITH CAUTION!**
+ */
+LLHTTP_EXPORT
+void llhttp_set_lenient_spaces_after_chunk_size(llhttp_t* parser, int enabled);
+
 #ifdef __cplusplus
 }  /* extern "C" */
 #endif
 #endif  /* INCLUDE_LLHTTP_API_H_ */

+
 #endif  /* INCLUDE_LLHTTP_H_ */