Correctness, memory leak fixes

8 years ago · c10608f385
parent ca7aeea825
commit c10608f385
3 changed files with 25 additions and 9 deletions
--- a/src/core/lib/security/transport/client_auth_filter.c
+++ b/src/core/lib/security/transport/client_auth_filter.c
@ -133,12 +133,24 @@ static void on_credentials_metadata(grpc_exec_ctx *exec_ctx, void *user_data,
  mdb = op->send_initial_metadata;
  grpc_error *error = GRPC_ERROR_NONE;
  for (i = 0; i < num_md; i++) {
-    add_error(&error,
-              grpc_metadata_batch_add_tail(
-                  mdb, &calld->md_links[i],
-                  grpc_mdelem_from_slices(
-                      exec_ctx, grpc_slice_ref_internal(md_elems[i].key),
-                      grpc_slice_ref_internal(md_elems[i].value))));
+    if (!grpc_header_key_is_legal(md_elems[i].key)) {
+      char *str = grpc_dump_slice(md_elems[i].key, GPR_DUMP_ASCII);
+      gpr_log(GPR_ERROR, "attempt to send invalid metadata key: %s", str);
+      gpr_free(str);
+    } else if (!grpc_is_binary_header(md_elems[i].key) &&
+               !grpc_header_nonbin_value_is_legal(md_elems[i].value)) {
+      char *str =
+          grpc_dump_slice(md_elems[i].value, GPR_DUMP_HEX | GPR_DUMP_ASCII);
+      gpr_log(GPR_ERROR, "attempt to send invalid metadata value: %s", str);
+      gpr_free(str);
+    } else {
+      add_error(&error,
+                grpc_metadata_batch_add_tail(
+                    mdb, &calld->md_links[i],
+                    grpc_mdelem_from_slices(
+                        exec_ctx, grpc_slice_ref_internal(md_elems[i].key),
+                        grpc_slice_ref_internal(md_elems[i].value))));
+    }
  }
  if (error == GRPC_ERROR_NONE) {
    grpc_call_next_op(exec_ctx, elem, op);
--- a/src/core/lib/security/transport/server_auth_filter.c
+++ b/src/core/lib/security/transport/server_auth_filter.c
@ -127,6 +127,10 @@ static void on_md_processing_done(
        grpc_metadata_batch_filter(&exec_ctx, calld->recv_initial_metadata,
                                   remove_consumed_md, elem,
                                   "Response metadata filtering error"));
+    for (size_t i = 0; i < calld->md.count; i++) {
+      grpc_slice_unref_internal(&exec_ctx, calld->md.metadata[i].key);
+      grpc_slice_unref_internal(&exec_ctx, calld->md.metadata[i].value);
+    }
    grpc_metadata_array_destroy(&calld->md);
    grpc_exec_ctx_sched(&exec_ctx, calld->on_done_recv, GRPC_ERROR_NONE, NULL);
  } else {
--- a/test/core/end2end/fixtures/h2_oauth2.c
+++ b/test/core/end2end/fixtures/h2_oauth2.c
@ -74,7 +74,7 @@ static void process_oauth2_success(void *state, grpc_auth_context *ctx,
                                   grpc_process_auth_metadata_done_cb cb,
                                   void *user_data) {
  const grpc_metadata *oauth2 =
-      find_metadata(md, md_count, "Authorization", oauth2_md);
+      find_metadata(md, md_count, "authorization", oauth2_md);
  test_processor_state *s;

  GPR_ASSERT(state != NULL);
@ -93,7 +93,7 @@ static void process_oauth2_failure(void *state, grpc_auth_context *ctx,
                                   grpc_process_auth_metadata_done_cb cb,
                                   void *user_data) {
  const grpc_metadata *oauth2 =
-      find_metadata(md, md_count, "Authorization", oauth2_md);
+      find_metadata(md, md_count, "authorization", oauth2_md);
  test_processor_state *s;
  GPR_ASSERT(state != NULL);
  s = (test_processor_state *)state;
@ -154,7 +154,7 @@ static void chttp2_init_client_simple_ssl_with_oauth2_secure_fullstack(
  grpc_channel_credentials *ssl_creds =
      grpc_ssl_credentials_create(test_root_cert, NULL, NULL);
  grpc_call_credentials *oauth2_creds =
-      grpc_md_only_test_credentials_create("Authorization", oauth2_md, 1);
+      grpc_md_only_test_credentials_create("authorization", oauth2_md, 1);
  grpc_channel_credentials *ssl_oauth2_creds =
      grpc_composite_channel_credentials_create(ssl_creds, oauth2_creds, NULL);
  grpc_arg ssl_name_override = {GRPC_ARG_STRING,