Tighten content-length header parsing in shared spdy code, not flag protected This CL is to fix crbug.com/596576. PiperOrigin-RevId: 325516552 Change-Id: I64dc8c9127b6b40b959172fd0c42bb6697899098

commit: d89ad8ddcec517e977924e0bc5af03ca6c82a6f6 [log] [tgz]
author: nharper <nharper@google.com> Fri Aug 07 15:05:36 2020 -0700
committer: Copybara-Service <copybara-worker@google.com> Fri Aug 07 15:06:21 2020 -0700
tree: 04924b21921f10846fdd3b52fa28e3583d30fa4c
parent: db0253c93b9b0d15c859744cd242df4a7e4f6e09 [diff] [blame]
diff --git a/quic/core/http/spdy_utils_test.cc b/quic/core/http/spdy_utils_test.cc
index 55d4706..dd8079e 100644
--- a/quic/core/http/spdy_utils_test.cc
+++ b/quic/core/http/spdy_utils_test.cc

@@ -141,6 +141,20 @@
   EXPECT_EQ(9000000000, content_length);
 }
 
+TEST_F(CopyAndValidateHeaders, NonDigitContentLength) {
+  // Section 3.3.2 of RFC 7230 defines content-length as being only digits.
+  // Number parsers might accept symbols like a leading plus; test that this
+  // fails to parse.
+  auto headers = FromList({{"content-length", "+123"},
+                           {"foo", "foovalue"},
+                           {"bar", "barvalue"},
+                           {"baz", ""}});
+  int64_t content_length = -1;
+  SpdyHeaderBlock block;
+  EXPECT_FALSE(
+      SpdyUtils::CopyAndValidateHeaders(*headers, &content_length, &block));
+}
+
 TEST_F(CopyAndValidateHeaders, MultipleValues) {
   auto headers = FromList({{"foo", "foovalue"},
                            {"bar", "barvalue"},
commit	d89ad8ddcec517e977924e0bc5af03ca6c82a6f6	[log] [tgz]
author	nharper <nharper@google.com>	Fri Aug 07 15:05:36 2020 -0700
committer	Copybara-Service <copybara-worker@google.com>	Fri Aug 07 15:06:21 2020 -0700
tree	04924b21921f10846fdd3b52fa28e3583d30fa4c
parent	db0253c93b9b0d15c859744cd242df4a7e4f6e09 [diff] [blame]