[
https://issues.apache.org/jira/browse/TS-1660?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13618934#comment-13618934
]
Leif Hedstrom commented on TS-1660:
-----------------------------------
weijin: Looking at this code, can you explain to me how the \0 sneaks in there
? If it's from client / user input, shouldn't the validation happen when we
read / parse the request ? I.e. how would we get a '\0' into the Host: in the
first place ?
> Host field should not has c style terminator
> ---------------------------------------------
>
> Key: TS-1660
> URL: https://issues.apache.org/jira/browse/TS-1660
> Project: Traffic Server
> Issue Type: Bug
> Components: HTTP
> Reporter: weijin
> Assignee: Leif Hedstrom
> Fix For: 3.3.2
>
> Attachments: ts-1660.diff
>
>
> if host field of client has c style terminator, it may lead to serious
> problems (e.g. ats use c string to do hostdb lookup).
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
