area/httparea/securityhelp wanted
倉庫指標
- Star
- (27,997 star)
- PR 合併指標
- (平均合併 8天) (30 天內合併 378 個 PR)
描述
This issue describes a scan of ASSERTs in the HTTP/1.1 codec and recommendations to change some: https://gist.github.com/asraa/9d5d60b0af53dc88ce39d8cfd71ef12a
Those marked with a verdict have been audited or unknown if they need a pair of eyes.
- Change 2 potential triggerable conditions: https://github.com/envoyproxy/envoy/blob/38ec92e7f717954d2c01e64a47de6946775c9322/source/common/http/http1/codec_impl.cc#L341 https://github.com/envoyproxy/envoy/blob/38ec92e7f717954d2c01e64a47de6946775c9322/source/common/http/http1/codec_impl.cc#L381
- Fill in any UNKNOWN
- https://github.com/envoyproxy/envoy/blob/38ec92e7f717954d2c01e64a47de6946775c9322/source/common/http/http1/codec_impl.cc#L1148
- https://github.com/envoyproxy/envoy/blob/38ec92e7f717954d2c01e64a47de6946775c9322/source/common/http/http1/codec_impl.cc#L804
- https://github.com/envoyproxy/envoy/blob/38ec92e7f717954d2c01e64a47de6946775c9322/source/common/http/http1/codec_impl.cc#L141