From 3e7a9570ef795f04ac4742dcc5e61a9388a30152 Mon Sep 17 00:00:00 2001
From: "data-plane-api(CircleCI)" <data-plane-api@users.noreply.github.com>
Date: Mon, 27 Aug 2018 23:03:23 +0000
Subject: [PATCH] router: disallow :path/host rewriting in
 request_headers_to_add. (#4220)

We have dedicated alternative mechanisms for this in RouteAction, it can
confuse other actions (e.g. prefix_rewrite).

Fixes oss-fuzz issue https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9995.

Risk level: Low
Testing: Unit tests and corpus entry added.

Signed-off-by: Harvey Tuch <htuch@google.com>

Mirrored from https://github.com/envoyproxy/envoy @ b9dc5d9a04411fe72ff516cbaef527dd8c016ae9
---
 envoy/api/v2/core/base.proto | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/envoy/api/v2/core/base.proto b/envoy/api/v2/core/base.proto
index 1e86c529..4c72b9a0 100644
--- a/envoy/api/v2/core/base.proto
+++ b/envoy/api/v2/core/base.proto
@@ -146,7 +146,7 @@ message HeaderValue {
 // Header name/value pair plus option to control append behavior.
 message HeaderValueOption {
   // Header name/value pair that this option applies to.
-  HeaderValue header = 1;
+  HeaderValue header = 1 [(validate.rules).message.required = true];
 
   // Should the value be appended? If true (default), the value is appended to
   // existing values.