[fuzz] small fuzz blockers related to header validations in API (#10466)

Fixes two small fuzz blockers related to API validations. This uses non-strict header checks (
)

1. route_fuzz_test doesn't validate headers against /r/n/0
2. HeaderToMetadata filter includes rules on a header, which needs to be validated

Fixes:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21317
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21298

Corpus entries added.

Signed-off-by: Asra Ali <asraa@google.com>

Mirrored from https://github.com/envoyproxy/envoy @ 276ba4b8cb39ce47c9027d9747d91364939236c0
master-ci-test
data-plane-api(CircleCI) 5 years ago
parent b1336cc282
commit 1f06179b72
  1. 3
      envoy/config/filter/http/header_to_metadata/v2/header_to_metadata.proto
  2. 3
      envoy/extensions/filters/http/header_to_metadata/v3/header_to_metadata.proto

@ -69,7 +69,8 @@ message Config {
// A Rule defines what metadata to apply when a header is present or missing.
message Rule {
// The header that triggers this rule required.
string header = 1 [(validate.rules).string = {min_bytes: 1}];
string header = 1
[(validate.rules).string = {min_bytes: 1 well_known_regex: HTTP_HEADER_NAME strict: false}];
// If the header is present, apply this metadata KeyValuePair.
//

@ -77,7 +77,8 @@ message Config {
"envoy.config.filter.http.header_to_metadata.v2.Config.Rule";
// The header that triggers this rule required.
string header = 1 [(validate.rules).string = {min_bytes: 1}];
string header = 1
[(validate.rules).string = {min_bytes: 1 well_known_regex: HTTP_HEADER_NAME strict: false}];
// If the header is present, apply this metadata KeyValuePair.
//

Loading…
Cancel
Save