Kestrel's ParseHeaders throws an ArgumentOutOfRange exception on certain headers #61245

Open
@WereWind1

Is there an existing issue for this?

  • I have searched the existing issues

Describe the bug

I have been fuzzing some of the Kestrel methods and ran into a part where it crashes on certain multi-span headers. The issue seems to be that on multi-span headers where one section ends with CR, Kestrel tries to see if there is data after the CR inside the whole header (there is), and then when it rejects the header it tries to grab extra data from the specific span it inspects (and there is no data), so it throws.

Expected Behavior

ParseHeaders module cleanly rejects the problematic header without exceptions

Steps To Reproduce

https://github.com/WereWind1/KestrelHttpParserExceptionMinimal

Exceptions (if any)

ArgumentOutOfRange

.NET Version

6.0.36, 8.0.14, 9.0.3

Anything else?

No response
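
The mismatch described in the report (a length check made against the whole sequence, followed by a slice taken from the current span) can be shown outside Kestrel. The following is an added illustration, not code from the issue, the linked repository, or Kestrel; `Segment`, `DetailFromSpan` and `DetailFromSequence` are hypothetical names and the input bytes are constructed.

```csharp
using System;
using System.Buffers;
using System.Text;

// Constructed helper: links byte arrays into a multi-segment ReadOnlySequence.
sealed class Segment : ReadOnlySequenceSegment<byte>
{
    public Segment(byte[] data) => Memory = data;

    public Segment Append(byte[] data)
    {
        var next = new Segment(data) { RunningIndex = RunningIndex + Memory.Length };
        Next = next;
        return next;
    }
}

static class Program
{
    // Hypothetical error-detail helper, unsafe form: slices the current span
    // although the caller checked the length of the whole sequence.
    static byte[] DetailFromSpan(ref SequenceReader<byte> r, int want) =>
        r.UnreadSpan.Slice(0, want).ToArray();

    // Safe form: slices the unread sequence and clamps to what is present.
    static byte[] DetailFromSequence(ref SequenceReader<byte> r, int want)
    {
        ReadOnlySequence<byte> rest = r.UnreadSequence;
        return rest.Slice(0, Math.Min(want, rest.Length)).ToArray();
    }

    static void Main()
    {
        // Constructed input: the first segment ends with CR, and the byte after it
        // (in the second segment) is not LF, so the header line must be rejected.
        var first = new Segment(Encoding.ASCII.GetBytes("Name: value\r"));
        var last = first.Append(Encoding.ASCII.GetBytes("x\r\n\r\n"));
        var reader = new SequenceReader<byte>(
            new ReadOnlySequence<byte>(first, 0, last, last.Memory.Length));

        // Stop on the CR itself: it is the last byte of the current span.
        reader.TryAdvanceTo((byte)'\r', advancePastDelimiter: false);
        Console.WriteLine($"after CR: span has {reader.UnreadSpan.Length - 1} byte(s), " +
                          $"sequence has {reader.Remaining - 1}");

        Console.WriteLine($"sequence slice: {DetailFromSequence(ref reader, 2).Length} bytes");
        try { DetailFromSpan(ref reader, 2); }
        catch (ArgumentOutOfRangeException) { Console.WriteLine("span slice: ArgumentOutOfRangeException"); }
    }
}
```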

Labels

  • area-networking: Includes servers, yarp, json patch, bedrock, websockets, http client factory, and http abstractions
  • feature-kestrel
  • help wanted: Up for grabs. We would accept a PR to help resolve this issue
