From fcd1470c8f3a15860accf46260f7ecc4d88dc345 Mon Sep 17 00:00:00 2001
From: "data-plane-api(CircleCI)" <data-plane-api@users.noreply.github.com>
Date: Thu, 19 Jul 2018 14:48:11 +0000
Subject: [PATCH] api: ensure HeaderValue keys are non-empty. (#3901)

Some sites where we consume HeaderValue, e.g. in Google gRPC client library metadata, require
non-empty keys as a precondition. This seems a general property; there shouldn't be any use case for
a header key that is empty.

Found with server_fuzz_test under oss-fuzz (issue 9373). As a bonus, also fixed another proto
descriptor crash that occurs with this corpus addition due to missing proto descriptor pool entries
in server_fuzz_test.

Risk level: Low
Testing: New server_fuzz corpus entry.

Signed-off-by: Harvey Tuch <htuch@google.com>

Mirrored from https://github.com/envoyproxy/envoy @ 8ed7c157c4b672763ae74e526e69ef43dda52549
---
 envoy/api/v2/core/base.proto | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/envoy/api/v2/core/base.proto b/envoy/api/v2/core/base.proto
index ffdd03fd..1e86c529 100644
--- a/envoy/api/v2/core/base.proto
+++ b/envoy/api/v2/core/base.proto
@@ -133,7 +133,7 @@ enum RequestMethod {
 // Header name/value pair.
 message HeaderValue {
   // Header name.
-  string key = 1;
+  string key = 1 [(validate.rules).string.min_bytes = 1];
 
   // Header value.
   //