From aae0bfd5b8e4ac85d97cdce4a0fcd405f3160cd7 Mon Sep 17 00:00:00 2001 From: wolfbeast Date: Sat, 20 Jul 2019 13:59:45 +0200 Subject: Check port safety for AltSvc --- netwerk/protocol/http/AlternateServices.cpp | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'netwerk/protocol/http') diff --git a/netwerk/protocol/http/AlternateServices.cpp b/netwerk/protocol/http/AlternateServices.cpp index ee2fa9331..10bd61928 100644 --- a/netwerk/protocol/http/AlternateServices.cpp +++ b/netwerk/protocol/http/AlternateServices.cpp @@ -121,6 +121,11 @@ AltSvcMapping::ProcessHeader(const nsCString &buf, const nsCString &originScheme continue; } + if (NS_FAILED(NS_CheckPortSafety(portno, originScheme.get()))) { + LOG(("Alt Svc does not allow port %d, ignoring request", portno)); + continue; + } + // unescape modifies a c string in place, so afterwards // update nsCString length nsUnescape(npnToken.BeginWriting()); -- cgit v1.2.3