fix(core): Regex header values in traditional router are now validated

Fix FTI-5403
Kong · Jan 18, 2024 · f004449 · f004449
1 parent 0c5fe19
commit f004449
Show file tree

Hide file tree

Showing 4 changed files with 41 additions and 0 deletions.
diff --git a/changelog/unreleased/kong/traditional_router_header_validation.yml b/changelog/unreleased/kong/traditional_router_header_validation.yml
@@ -0,0 +1,3 @@
+message: Regex header values in traditional router are now validated.
+type: bugfix
+scope: Core
diff --git a/kong/db/schema/entities/routes.lua b/kong/db/schema/entities/routes.lua
@@ -154,6 +154,10 @@ else
             },
           },
         },
+        values = {
+          type = "array",
+          elements = typedefs.regex_or_plain_pattern,
+        }
       } },
       { https_redirect_status_code = { type = "integer",
                                        description = "The status code Kong responds with when all properties of a Route match except the protocol",

diff --git a/kong/db/schema/typedefs.lua b/kong/db/schema/typedefs.lua
@@ -521,6 +521,23 @@ local function validate_path_with_regexes(path)
   return true
 end
 
+local function validate_regex_or_plain_pattern(pattern)
+  if pattern:sub(1, 1) ~= "~" then
+    return true
+  end
+
+  pattern = pattern:sub(2)
+
+  local _, _, err = ngx.re.find("", pattern, "aj")
+  if err then
+    return nil,
+           string.format("invalid regex: '%s' (PCRE returned: %s)",
+                         pattern, err)
+  end
+
+  return true
+end
+
 
 typedefs.sources = Schema.define {
   type = "set",
@@ -620,6 +637,12 @@ typedefs.headers = Schema.define {
   description = "A map of header names to arrays of header values."
 }
 
+typedefs.regex_or_plain_pattern = Schema.define {
+  type = "string",
+  custom_validator = validate_regex_or_plain_pattern,
+  description = "A string representing a regex or plain pattern."
+}
+
 typedefs.no_headers = Schema.define(typedefs.headers { eq = null, description = "A null value representing no headers." })
 
 typedefs.semantic_version = Schema.define {

diff --git a/spec/01-unit/01-db/01-schema/06-routes_spec.lua b/spec/01-unit/01-db/01-schema/06-routes_spec.lua
@@ -617,6 +617,17 @@ describe("routes schema (flavor = traditional/traditional_compatible)", function
       assert.falsy(ok)
       assert.equal("length must be at least 1", err.headers[1])
     end)
+
+    it("value must be a plain pattern or a valid regex pattern", function()
+      local route = {
+        headers = { location = { "~[" } },
+        protocols = { "http" },
+      }
+
+      local ok, err = Routes:validate(route)
+      assert.falsy(ok)
+      assert.match("invalid regex", err.headers[1])
+    end)
   end)
 
   describe("methods attribute", function()