diff --git a/debian/apertis/copyright b/debian/apertis/copyright index aaeb39ae82d415a16dee0c31479f987047357cfb..f89a2214982abc33b2ffbbbe9aea2927904331cf 100644 --- a/debian/apertis/copyright +++ b/debian/apertis/copyright @@ -21,7 +21,8 @@ Copyright: 2017, 2018, Adrian Heine License: Expat Files: deps/cares/* -Copyright: no-info-found +Copyright: 2007-2018, Daniel Stenberg with many contributors, see AUTHORS + 1998, the Massachusetts Institute of Technology. License: NTP Files: deps/cares/Makefile.msvc @@ -67,7 +68,8 @@ Files: deps/cares/docs/ares_free_data.3 deps/cares/docs/ares_init_options.3 deps/cares/docs/ares_library_cleanup.3 deps/cares/docs/ares_library_init.3 -Copyright: no-info-found +Copyright: 2004-2017, Daniel Stenberg + 1998, the Massachusetts Institute of Technology. License: NTP Files: deps/cares/docs/ares_getnameinfo.3 @@ -100,7 +102,8 @@ Copyright: 2004-2021, Daniel Stenberg et al License: NTP Files: deps/cares/include/ares.h -Copyright: no-info-found +Copyright: 2004-2017, Daniel Stenberg + 1998, the Massachusetts Institute of Technology. License: NTP Files: deps/cares/include/ares_dns.h @@ -126,19 +129,27 @@ License: FSFAP Files: deps/cares/m4/ax_add_am_macro_static.m4 deps/cares/m4/ax_am_macros_static.m4 -Copyright: no-info-found +Copyright: 2009, Tom Howard <tomhoward@users.sf.net> + 2009, Allan Caffee <allan.caffee@gmail.com> License: FSFAP Files: deps/cares/m4/ax_check_gnu_make.m4 -Copyright: no-info-found +Copyright: 2015, Enrico M. Crisostomo <enrico.m.crisostomo@gmail.com> + 2008, John Darrington <j.darrington@elvis.murdoch.edu.au> License: FSFAP Files: deps/cares/m4/ax_code_coverage.m4 -Copyright: no-info-found +Copyright: 2012, Xan Lopez + 2012, Paolo Borelli + 2012, Christian Persch + 2012, 2016, Philip Withnall License: LGPL Files: deps/cares/m4/ax_cxx_compile_stdcxx_11.m4 -Copyright: no-info-found +Copyright: 2014, 2015, Google Inc.; contributedAlexey Sokolov <sokolov@google.com> + 2013, Roy Stogner <roystgnr@ices.utexas.edu> + 2012, Zack Weinberg <zackw@panix.com> + 2008, Benjamin Kosnik <bkoz@redhat.com> License: FSFAP Files: deps/cares/m4/ax_file_escapes.m4 @@ -146,7 +157,8 @@ Copyright: 2008, Tom Howard <tomhoward@users.sf.net> License: FSFAP Files: deps/cares/m4/ax_pthread.m4 -Copyright: no-info-found +Copyright: 2011, Daniel Richard G. <skunk@iSKUNK.ORG> + 2008, Steven G. Johnson <stevenj@alum.mit.edu> License: GPL Files: deps/cares/m4/ax_require_defined.m4 @@ -179,7 +191,10 @@ Copyright: 1998, 2000, 2011, 2013, the Massachusetts Institute of Technology. License: NTP Files: deps/cares/src/lib/ares__addrinfo2hostent.c -Copyright: no-info-found +Copyright: 2021, Brad House + 2019, Andrew Selivanov + 2005, Dominick Meglio + 1998, the Massachusetts Institute of Technology. License: NTP Files: deps/cares/src/lib/ares__addrinfo_localhost.c @@ -192,7 +207,9 @@ Copyright: 2019, Andrew Selivanov License: NTP Files: deps/cares/src/lib/ares__sortaddrinfo.c -Copyright: no-info-found +Copyright: 2019, Andrew Selivanov + 2018, The Android Open Source Project + 1995-1997, and 1998, WIDE Project. License: BSD-3-clause Files: deps/cares/src/lib/ares__timeval.c @@ -227,16 +244,20 @@ Files: deps/cares/src/lib/ares_destroy.c deps/cares/src/lib/ares_options.c deps/cares/src/lib/ares_private.h deps/cares/src/lib/ares_process.c -Copyright: no-info-found +Copyright: 2004-2017, Daniel Stenberg + 1998, the Massachusetts Institute of Technology. License: NTP Files: deps/cares/src/lib/ares_freeaddrinfo.c deps/cares/src/lib/ares_parse_a_reply.c -Copyright: no-info-found +Copyright: 2019, Andrew Selivanov + 1998, the Massachusetts Institute of Technology. License: NTP Files: deps/cares/src/lib/ares_getaddrinfo.c -Copyright: no-info-found +Copyright: 2019, Andrew Selivanov + 2017, 2018, Christian Ammer + 1998, 2011, 2013, the Massachusetts Institute of Technology. License: NTP Files: deps/cares/src/lib/ares_getnameinfo.c @@ -248,11 +269,14 @@ License: NTP Files: deps/cares/src/lib/ares_iphlpapi.h deps/cares/src/lib/ares_platform.c deps/cares/src/lib/ares_platform.h -Copyright: no-info-found +Copyright: 2004-2011, Daniel Stenberg et al + 1998, the Massachusetts Institute of Technology. License: NTP Files: deps/cares/src/lib/ares_parse_aaaa_reply.c -Copyright: no-info-found +Copyright: 2019, Andrew Selivanov + 2005, Dominick Meglio + 1998, the Massachusetts Institute of Technology. License: NTP Files: deps/cares/src/lib/ares_parse_caa_reply.c @@ -260,24 +284,28 @@ Copyright: 2020, <danny.sonnenschein@platynum.ch> License: NTP Files: deps/cares/src/lib/ares_parse_mx_reply.c -Copyright: no-info-found +Copyright: 2010, Jeremy Lal <kapouer@melix.org> + 1998, the Massachusetts Institute of Technology. License: NTP Files: deps/cares/src/lib/ares_parse_naptr_reply.c deps/cares/src/lib/ares_parse_srv_reply.c deps/cares/src/lib/ares_parse_txt_reply.c deps/cares/src/lib/ares_parse_uri_reply.c -Copyright: no-info-found +Copyright: 2009, Jakub Hrozek <jhrozek@redhat.com> + 1998, the Massachusetts Institute of Technology. License: NTP Files: deps/cares/src/lib/ares_parse_soa_reply.c -Copyright: no-info-found +Copyright: 2012, Marko Kreen <markokr@gmail.com> + 1998, the Massachusetts Institute of Technology. License: NTP Files: deps/cares/src/lib/bitncmp.c deps/cares/src/lib/inet_net_pton.c deps/cares/src/lib/inet_ntop.c -Copyright: no-info-found +Copyright: 2004, Internet Systems Consortium, Inc. ("ISC") + 1996-1999, Internet Software Consortium. License: ISC Files: deps/cares/src/tools/acountry.c @@ -294,7 +322,9 @@ Copyright: 2018-2020, Guy Bedford License: Expat Files: deps/histogram/* -Copyright: no-info-found +Copyright: 2014, Michael Barker + 2014, Matt Warren + 2012-2014, Gil Tene License: BSD-2-clause and/or public-domain Files: deps/histogram/src/* @@ -314,7 +344,8 @@ Copyright: Fedor Indutny, 2018. License: Expat Files: deps/nghttp2/* -Copyright: no-info-found +Copyright: 2012, 2014-2016, nghttp2 contributors + 2012, 2014-2016, Tatsuhiro Tsujikawa License: Expat Files: deps/nghttp2/lib/* @@ -326,7 +357,8 @@ Copyright: 1995-2022, The OpenSSL Project Authors. License: OpenSSL Files: deps/openssl/openssl/* -Copyright: no-info-found +Copyright: 1998-2019, The OpenSSL Project. + 1995-1998, Eric A. Young, Tim J. Hudson License: Apache-1.0 and/or BSD-4-clause Files: deps/openssl/openssl/CONTRIBUTING @@ -353,31 +385,39 @@ Copyright: 1995-2022, The OpenSSL Project Authors. License: OpenSSL Files: deps/openssl/openssl/apps/ecparam.c -Copyright: no-info-found +Copyright: 2002-2021, The OpenSSL Project Authors. + 2002, 2017, 2018, Oracle and/or its affiliates. License: OpenSSL Files: deps/openssl/openssl/apps/rehash.c -Copyright: no-info-found +Copyright: 2015-2020, The OpenSSL Project Authors. + 2013, 2014, Timo Teräs <timo.teras@gmail.com> License: OpenSSL Files: deps/openssl/openssl/apps/s_client.c -Copyright: no-info-found +Copyright: 2005, Nokia. + 1995-2021, The OpenSSL Project Authors. License: OpenSSL Files: deps/openssl/openssl/apps/s_server.c -Copyright: no-info-found +Copyright: 2005, Nokia. + 2002, Oracle and/or its affiliates. + 1995-2022, The OpenSSL Project Authors. License: OpenSSL Files: deps/openssl/openssl/apps/speed.c -Copyright: no-info-found +Copyright: 2002, 2017, Oracle and/or its affiliates. + 1995-2022, The OpenSSL Project Authors. License: OpenSSL Files: deps/openssl/openssl/apps/srp.c -Copyright: no-info-found +Copyright: 2004-2021, The OpenSSL Project Authors. + 2004, EdelKey Project. License: OpenSSL Files: deps/openssl/openssl/apps/tsget.in -Copyright: no-info-found +Copyright: 2002-2018, The OpenSSL Project Authors. + 2002, The OpenTSA Project. License: OpenSSL Files: deps/openssl/openssl/apps/vms_decc_argv.c @@ -386,7 +426,8 @@ License: Apache-2.0 Files: deps/openssl/openssl/apps/vms_term_sock.c deps/openssl/openssl/apps/vms_term_sock.h -Copyright: no-info-found +Copyright: 2016, VMS Software, Inc. + 2016, The OpenSSL Project Authors. License: OpenSSL Files: deps/openssl/openssl/crypto/* @@ -412,7 +453,8 @@ Copyright: 2004-2020, The OpenSSL Project Authors. License: BSD-2-clause and/or OpenSSL Files: deps/openssl/openssl/crypto/aria/* -Copyright: no-info-found +Copyright: 2002-2021, The OpenSSL Project Authors. + 2002, 2017, 2018, Oracle and/or its affiliates. License: OpenSSL Files: deps/openssl/openssl/crypto/bn/* @@ -425,7 +467,8 @@ License: OpenSSL Files: deps/openssl/openssl/crypto/bn/asm/rsaz-avx2.pl deps/openssl/openssl/crypto/bn/asm/rsaz-x86_64.pl -Copyright: no-info-found +Copyright: 2013-2020, The OpenSSL Project Authors. + 2012, Intel Corporation. License: OpenSSL Files: deps/openssl/openssl/crypto/bn/asm/sparct4-mont.pl @@ -469,12 +512,14 @@ Copyright: 1995-2022, The OpenSSL Project Authors. License: OpenSSL Files: deps/openssl/openssl/crypto/bn/bn_gf2m.c -Copyright: no-info-found +Copyright: 2002-2021, The OpenSSL Project Authors. + 2002, 2017, 2018, Oracle and/or its affiliates. License: OpenSSL Files: deps/openssl/openssl/crypto/bn/rsaz_exp.c deps/openssl/openssl/crypto/bn/rsaz_exp.h -Copyright: no-info-found +Copyright: 2013-2020, The OpenSSL Project Authors. + 2012, Intel Corporation. License: OpenSSL Files: deps/openssl/openssl/crypto/camellia/asm/* @@ -486,7 +531,8 @@ Copyright: 2004-2020, The OpenSSL Project Authors. License: BSD-2-clause and/or OpenSSL Files: deps/openssl/openssl/crypto/cryptlib.c -Copyright: no-info-found +Copyright: 2002, 2017, Oracle and/or its affiliates. + 1995-2022, The OpenSSL Project Authors. License: OpenSSL Files: deps/openssl/openssl/crypto/des/asm/dest4-sparcv9.pl @@ -494,11 +540,14 @@ Copyright: 2004-2020, The OpenSSL Project Authors. License: BSD-2-clause and/or OpenSSL Files: deps/openssl/openssl/crypto/ec/asm/ecp_nistz256-x86_64.pl -Copyright: no-info-found +Copyright: 2015, CloudFlare, Inc. + 2014-2020, The OpenSSL Project Authors. + 2014, Intel Corporation. License: OpenSSL Files: deps/openssl/openssl/crypto/ec/curve448/* -Copyright: no-info-found +Copyright: 2017-2021, The OpenSSL Project Authors. + 2014-2016, Cryptography Research, Inc. License: OpenSSL Files: deps/openssl/openssl/crypto/ec/curve448/curve448_local.h @@ -513,7 +562,8 @@ Files: deps/openssl/openssl/crypto/ec/ec2_oct.c deps/openssl/openssl/crypto/ec/ecdh_ossl.c deps/openssl/openssl/crypto/ec/eck_prn.c deps/openssl/openssl/crypto/ec/ecp_oct.c -Copyright: no-info-found +Copyright: 2002-2021, The OpenSSL Project Authors. + 2002, 2017, 2018, Oracle and/or its affiliates. License: OpenSSL Files: deps/openssl/openssl/crypto/ec/ec_cvt.c @@ -523,7 +573,8 @@ Files: deps/openssl/openssl/crypto/ec/ec_cvt.c deps/openssl/openssl/crypto/ec/ecp_mont.c deps/openssl/openssl/crypto/ec/ecp_nist.c deps/openssl/openssl/crypto/ec/ecp_smpl.c -Copyright: no-info-found +Copyright: 2002, 2017, Oracle and/or its affiliates. + 1995-2022, The OpenSSL Project Authors. License: OpenSSL Files: deps/openssl/openssl/crypto/ec/ecp_nistp224.c @@ -534,47 +585,58 @@ Copyright: 2010-2020, The OpenSSL Project Authors. License: Apache-2.0 and/or OpenSSL Files: deps/openssl/openssl/crypto/ec/ecp_nistz256.c -Copyright: no-info-found +Copyright: 2015, CloudFlare, Inc. + 2014-2020, The OpenSSL Project Authors. + 2014, Intel Corporation. License: OpenSSL Files: deps/openssl/openssl/crypto/engine/eng_fat.c deps/openssl/openssl/crypto/engine/eng_list.c deps/openssl/openssl/crypto/engine/eng_local.h deps/openssl/openssl/crypto/engine/eng_openssl.c -Copyright: no-info-found +Copyright: 2002, 2017, Oracle and/or its affiliates. + 1995-2022, The OpenSSL Project Authors. License: OpenSSL Files: deps/openssl/openssl/crypto/evp/e_aria.c -Copyright: no-info-found +Copyright: 2002-2021, The OpenSSL Project Authors. + 2002, 2017, 2018, Oracle and/or its affiliates. License: OpenSSL Files: deps/openssl/openssl/crypto/evp/e_sm4.c -Copyright: no-info-found +Copyright: 2017-2021, The OpenSSL Project Authors. + 2017, Ribose Inc. License: OpenSSL Files: deps/openssl/openssl/crypto/mem_sec.c -Copyright: no-info-found +Copyright: 2015-2020, The OpenSSL Project Authors. + 2004-2014, Akamai Technologies. License: OpenSSL Files: deps/openssl/openssl/crypto/rsa/rsa_mp.c -Copyright: no-info-found +Copyright: 2017, BaishanCloud. + 2017, 2018, The OpenSSL Project Authors. License: OpenSSL Files: deps/openssl/openssl/crypto/sm2/sm2_crypt.c deps/openssl/openssl/crypto/sm2/sm2_sign.c -Copyright: no-info-found +Copyright: 2017-2021, The OpenSSL Project Authors. + 2017, Ribose Inc. License: OpenSSL Files: deps/openssl/openssl/crypto/sm3/* -Copyright: no-info-found +Copyright: 2017-2021, The OpenSSL Project Authors. + 2017, Ribose Inc. License: OpenSSL Files: deps/openssl/openssl/crypto/sm4/* -Copyright: no-info-found +Copyright: 2017-2021, The OpenSSL Project Authors. + 2017, Ribose Inc. License: OpenSSL Files: deps/openssl/openssl/crypto/srp/* -Copyright: no-info-found +Copyright: 2004-2021, The OpenSSL Project Authors. + 2004, EdelKey Project. License: OpenSSL Files: deps/openssl/openssl/crypto/x509v3/v3_pci.c @@ -607,17 +669,20 @@ Copyright: 1995-2022, The OpenSSL Project Authors. License: OpenSSL Files: deps/openssl/openssl/include/crypto/aria.h -Copyright: no-info-found +Copyright: 2002, 2017, Oracle and/or its affiliates. + 1995-2022, The OpenSSL Project Authors. License: OpenSSL Files: deps/openssl/openssl/include/crypto/sha.h -Copyright: no-info-found +Copyright: 2002-2021, The OpenSSL Project Authors. + 2002, 2017, 2018, Oracle and/or its affiliates. License: OpenSSL Files: deps/openssl/openssl/include/crypto/sm2.h deps/openssl/openssl/include/crypto/sm3.h deps/openssl/openssl/include/crypto/sm4.h -Copyright: no-info-found +Copyright: 2017-2021, The OpenSSL Project Authors. + 2017, Ribose Inc. License: OpenSSL Files: deps/openssl/openssl/include/internal/o_dir.h @@ -629,20 +694,25 @@ Files: deps/openssl/openssl/include/openssl/bn.h deps/openssl/openssl/include/openssl/engine.h deps/openssl/openssl/include/openssl/ssl3.h deps/openssl/openssl/include/openssl/x509.h -Copyright: no-info-found +Copyright: 2002, 2017, Oracle and/or its affiliates. + 1995-2022, The OpenSSL Project Authors. License: OpenSSL Files: deps/openssl/openssl/include/openssl/ec.h -Copyright: no-info-found +Copyright: 2002-2021, The OpenSSL Project Authors. + 2002, 2017, 2018, Oracle and/or its affiliates. License: OpenSSL Files: deps/openssl/openssl/include/openssl/srp.h -Copyright: no-info-found +Copyright: 2004-2021, The OpenSSL Project Authors. + 2004, EdelKey Project. License: OpenSSL Files: deps/openssl/openssl/include/openssl/ssl.h deps/openssl/openssl/include/openssl/tls1.h -Copyright: no-info-found +Copyright: 2005, Nokia. + 2002, Oracle and/or its affiliates. + 1995-2022, The OpenSSL Project Authors. License: OpenSSL Files: deps/openssl/openssl/ms/* @@ -659,31 +729,39 @@ Files: deps/openssl/openssl/ssl/s3_enc.c deps/openssl/openssl/ssl/ssl_stat.c deps/openssl/openssl/ssl/ssl_txt.c deps/openssl/openssl/ssl/t1_enc.c -Copyright: no-info-found +Copyright: 2005, Nokia. + 1995-2021, The OpenSSL Project Authors. License: OpenSSL Files: deps/openssl/openssl/ssl/s3_lib.c deps/openssl/openssl/ssl/ssl_ciph.c deps/openssl/openssl/ssl/ssl_lib.c deps/openssl/openssl/ssl/ssl_local.h -Copyright: no-info-found +Copyright: 2005, Nokia. + 2002, Oracle and/or its affiliates. + 1995-2022, The OpenSSL Project Authors. License: OpenSSL Files: deps/openssl/openssl/ssl/ssl_cert.c -Copyright: no-info-found +Copyright: 2002, 2017, Oracle and/or its affiliates. + 1995-2022, The OpenSSL Project Authors. License: OpenSSL Files: deps/openssl/openssl/ssl/statem/statem_clnt.c deps/openssl/openssl/ssl/statem/statem_srvr.c -Copyright: no-info-found +Copyright: 2005, Nokia. + 2002, Oracle and/or its affiliates. + 1995-2022, The OpenSSL Project Authors. License: OpenSSL Files: deps/openssl/openssl/ssl/statem/statem_lib.c -Copyright: no-info-found +Copyright: 2002, 2017, Oracle and/or its affiliates. + 1995-2022, The OpenSSL Project Authors. License: OpenSSL Files: deps/openssl/openssl/ssl/tls_srp.c -Copyright: no-info-found +Copyright: 2004-2021, The OpenSSL Project Authors. + 2004, EdelKey Project. License: OpenSSL Files: deps/openssl/openssl/tools/* @@ -704,7 +782,7 @@ Copyright: 2015-2022, The OpenSSL Project Authors. License: Apache-2.0 Files: deps/uv/* -Copyright: 2015-2022, libuv project contributors. +Copyright: 2015-2023, libuv project contributors. License: Expat or Expat and/or ISC Files: deps/uv/Makefile.am @@ -735,11 +813,13 @@ Copyright: no-info-found License: GPL-3+ with Autoconf-exception-2.0 Files: deps/uv/m4/ax_pthread.m4 -Copyright: no-info-found +Copyright: 2011, Daniel Richard G. <skunk@iSKUNK.ORG> + 2008, Steven G. Johnson <stevenj@alum.mit.edu> License: GPL-3+ with Autoconf-exception-2.0 Files: deps/uv/m4/libuv-check-flags.m4 -Copyright: no-info-found +Copyright: 2006-2008, xine project + 2006-2008, Diego Pettenò <flameeyes gmail com> License: GPL-3+ with Autoconf-exception-2.0 Files: deps/uv/src/* @@ -754,7 +834,8 @@ Copyright: 2011, 2013, 2018, Ben Noordhuis <info@bnoordhuis.nl> License: ISC Files: deps/uv/src/inet.c -Copyright: no-info-found +Copyright: 2004, Internet Systems Consortium, Inc. ("ISC") + 1996-1999, Internet Software Consortium. License: ISC Files: deps/uv/src/random.c @@ -788,7 +869,8 @@ Copyright: libuv project contributors. License: Expat Files: deps/uv/src/unix/android-ifaddrs.c -Copyright: no-info-found +Copyright: 2014, Emergya (Cloud4all, FP7/2007-2013, grant agreement #289016) + 2013, Kenneth MacKay License: BSD-2-clause Files: deps/uv/src/unix/atomic-ops.h @@ -797,7 +879,8 @@ Copyright: 2011, 2013, 2018, Ben Noordhuis <info@bnoordhuis.nl> License: ISC Files: deps/uv/src/unix/pthread-fixes.c -Copyright: no-info-found +Copyright: 2013, Sony Mobile Communications AB + 2012, Google Inc. License: BSD-3-clause Files: deps/uv/src/unix/qnx.c @@ -843,11 +926,13 @@ Copyright: 2003-2005, Tom Wu License: Expat Files: deps/v8/benchmarks/deltablue.js -Copyright: no-info-found +Copyright: 2008, the V8 project authors. + 1996, John Maloney and Mario Wolczko. License: GPL-2+ Files: deps/v8/benchmarks/navier-stokes.js -Copyright: no-info-found +Copyright: 2012, the V8 project authors. + 2009, Oliver Hunt <http:nerget.com> License: Expat Files: deps/v8/gni/snapshot_toolchain.gni @@ -882,7 +967,8 @@ Copyright: 2005, 2006, 2008-2012, Google Inc. License: BSD-3-clause Files: deps/v8/src/inspector/v8-debugger-script.h -Copyright: no-info-found +Copyright: 2010, Google Inc. + 2008, Apple Inc. License: BSD-3-clause Files: deps/v8/src/third_party/utf8-decoder/* @@ -1026,7 +1112,8 @@ Copyright: 2006-2016, the V8 project authors. License: BSD-3-clause Files: lib/internal/freeze_intrinsics.js -Copyright: no-info-found +Copyright: 2018, Agoric + 2011, Google Inc. License: Apache-2.0 Files: lib/internal/modules/* diff --git a/debian/changelog b/debian/changelog index ff21a7e6aa2d337c49139c16a75e2e8b3755bb2e..c013006c9928f41b6062d7d7ded99df9a5639a12 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,28 @@ +nodejs (12.22.12~dfsg-1~deb11u3+apertis1) apertis; urgency=medium + + * Sync updates from Debian Bullseye Security + + -- Apertis CI <devel@lists.apertis.org> Wed, 25 Jan 2023 12:28:19 +0000 + +nodejs (12.22.12~dfsg-1~deb11u3) bullseye-security; urgency=high + + * Non-maintainer upload by the Security Team. + * Create symlink to @types/node/tsc3.6 to mitigate regression introduced in + 12.22.12 which dropped support for tsc 3.6 (Closes: #1014914) + + -- Aron Xu <aron@debian.org> Thu, 19 Jan 2023 20:10:10 +0800 + +nodejs (12.22.12~dfsg-1~deb11u2) bullseye-security; urgency=high + + * Non-maintainer upload by the Security Team. + * Backport upstream fix for: + - CVE-2022-32212, CVE-2022-43548: IsAllowedHost check bypass + - CVE-2022-32213, CVE-2022-32214, CVE-2022-32215, CVE-2022-35256: several HTTP + Request Smuggling (HRS) in llhttp parser. + - CVE-2022-35255: better randomness setup V8:EntropySource() + + -- Aron Xu <aron@debian.org> Sat, 07 Jan 2023 19:27:55 +0800 + nodejs (12.22.12~dfsg-1~deb11u1+apertis1) apertis; urgency=medium * Sync updates from Debian Bullseye diff --git a/debian/nodejs.links b/debian/nodejs.links index 339cc6dd911527e9f43e5b88c7ac55e867741209..e7189f141072e3564fab89b91dcc0f3aa12a6e8f 100644 --- a/debian/nodejs.links +++ b/debian/nodejs.links @@ -1,2 +1,3 @@ usr/bin/node usr/bin/nodejs usr/share/man/man1/node.1 usr/share/man/man1/nodejs.1 +usr/share/nodejs/@types/node usr/share/nodejs/@types/node/tsc3.6 diff --git a/debian/patches/cve-2022-32212.patch b/debian/patches/cve-2022-32212.patch new file mode 100644 index 0000000000000000000000000000000000000000..6245bf7dc8a73df53d57a203fdaac6af17d2d3d1 --- /dev/null +++ b/debian/patches/cve-2022-32212.patch @@ -0,0 +1,128 @@ +commit 48c5aa5cab718d04473fa2761d532657c84b8131 +Author: Tobias Nießen <tniessen@tnie.de> +Date: Fri May 27 21:18:49 2022 +0000 + + src: fix IPv4 validation in inspector_socket + + Co-authored-by: RafaelGSS <rafael.nunu@hotmail.com> + PR-URL: https://github.com/nodejs-private/node-private/pull/320 + Backport-PR-URL: https://github.com/nodejs-private/node-private/pull/325 + Reviewed-By: Matteo Collina <matteo.collina@gmail.com> + Reviewed-By: RafaelGSS <rafael.nunu@hotmail.com> + CVE-ID: CVE-2022-32212 + +Index: nodejs-12.22.12~dfsg/src/inspector_socket.cc +=================================================================== +--- nodejs-12.22.12~dfsg.orig/src/inspector_socket.cc ++++ nodejs-12.22.12~dfsg/src/inspector_socket.cc +@@ -168,14 +168,22 @@ static std::string TrimPort(const std::s + static bool IsIPAddress(const std::string& host) { + if (host.length() >= 4 && host.front() == '[' && host.back() == ']') + return true; +- int quads = 0; ++ uint_fast16_t accum = 0; ++ uint_fast8_t quads = 0; ++ bool empty = true; ++ auto endOctet = [&accum, &quads, &empty](bool final = false) { ++ return !empty && accum <= 0xff && ++quads <= 4 && final == (quads == 4) && ++ (empty = true) && !(accum = 0); ++ }; + for (char c : host) { +- if (c == '.') +- quads++; +- else if (!isdigit(c)) ++ if (isdigit(c)) { ++ if ((accum = (accum * 10) + (c - '0')) > 0xff) return false; ++ empty = false; ++ } else if (c != '.' || !endOctet()) { + return false; ++ } + } +- return quads == 3; ++ return endOctet(true); + } + + // Constants for hybi-10 frame format. +Index: nodejs-12.22.12~dfsg/test/cctest/test_inspector_socket.cc +=================================================================== +--- nodejs-12.22.12~dfsg.orig/test/cctest/test_inspector_socket.cc ++++ nodejs-12.22.12~dfsg/test/cctest/test_inspector_socket.cc +@@ -851,4 +851,78 @@ TEST_F(InspectorSocketTest, HostCheckedF + expect_failure_no_delegate(UPGRADE_REQUEST); + } + ++TEST_F(InspectorSocketTest, HostIPChecked) { ++ const std::string INVALID_HOST_IP_REQUEST = "GET /json HTTP/1.1\r\n" ++ "Host: 10.0.2.555:9229\r\n\r\n"; ++ send_in_chunks(INVALID_HOST_IP_REQUEST.c_str(), ++ INVALID_HOST_IP_REQUEST.length()); ++ expect_handshake_failure(); ++} ++ ++TEST_F(InspectorSocketTest, HostNegativeIPChecked) { ++ const std::string INVALID_HOST_IP_REQUEST = "GET /json HTTP/1.1\r\n" ++ "Host: 10.0.-23.255:9229\r\n\r\n"; ++ send_in_chunks(INVALID_HOST_IP_REQUEST.c_str(), ++ INVALID_HOST_IP_REQUEST.length()); ++ expect_handshake_failure(); ++} ++ ++TEST_F(InspectorSocketTest, HostIpOctetOutOfIntRangeChecked) { ++ const std::string INVALID_HOST_IP_REQUEST = ++ "GET /json HTTP/1.1\r\n" ++ "Host: 127.0.0.4294967296:9229\r\n\r\n"; ++ send_in_chunks(INVALID_HOST_IP_REQUEST.c_str(), ++ INVALID_HOST_IP_REQUEST.length()); ++ expect_handshake_failure(); ++} ++ ++TEST_F(InspectorSocketTest, HostIpOctetFarOutOfIntRangeChecked) { ++ const std::string INVALID_HOST_IP_REQUEST = ++ "GET /json HTTP/1.1\r\n" ++ "Host: 127.0.0.18446744073709552000:9229\r\n\r\n"; ++ send_in_chunks(INVALID_HOST_IP_REQUEST.c_str(), ++ INVALID_HOST_IP_REQUEST.length()); ++ expect_handshake_failure(); ++} ++ ++TEST_F(InspectorSocketTest, HostIpEmptyOctetStartChecked) { ++ const std::string INVALID_HOST_IP_REQUEST = "GET /json HTTP/1.1\r\n" ++ "Host: .0.0.1:9229\r\n\r\n"; ++ send_in_chunks(INVALID_HOST_IP_REQUEST.c_str(), ++ INVALID_HOST_IP_REQUEST.length()); ++ expect_handshake_failure(); ++} ++ ++TEST_F(InspectorSocketTest, HostIpEmptyOctetMidChecked) { ++ const std::string INVALID_HOST_IP_REQUEST = "GET /json HTTP/1.1\r\n" ++ "Host: 127..0.1:9229\r\n\r\n"; ++ send_in_chunks(INVALID_HOST_IP_REQUEST.c_str(), ++ INVALID_HOST_IP_REQUEST.length()); ++ expect_handshake_failure(); ++} ++ ++TEST_F(InspectorSocketTest, HostIpEmptyOctetEndChecked) { ++ const std::string INVALID_HOST_IP_REQUEST = "GET /json HTTP/1.1\r\n" ++ "Host: 127.0.0.:9229\r\n\r\n"; ++ send_in_chunks(INVALID_HOST_IP_REQUEST.c_str(), ++ INVALID_HOST_IP_REQUEST.length()); ++ expect_handshake_failure(); ++} ++ ++TEST_F(InspectorSocketTest, HostIpTooFewOctetsChecked) { ++ const std::string INVALID_HOST_IP_REQUEST = "GET /json HTTP/1.1\r\n" ++ "Host: 127.0.1:9229\r\n\r\n"; ++ send_in_chunks(INVALID_HOST_IP_REQUEST.c_str(), ++ INVALID_HOST_IP_REQUEST.length()); ++ expect_handshake_failure(); ++} ++ ++TEST_F(InspectorSocketTest, HostIpTooManyOctetsChecked) { ++ const std::string INVALID_HOST_IP_REQUEST = "GET /json HTTP/1.1\r\n" ++ "Host: 127.0.0.0.1:9229\r\n\r\n"; ++ send_in_chunks(INVALID_HOST_IP_REQUEST.c_str(), ++ INVALID_HOST_IP_REQUEST.length()); ++ expect_handshake_failure(); ++} ++ + } // anonymous namespace diff --git a/debian/patches/cve-2022-35255.patch b/debian/patches/cve-2022-35255.patch new file mode 100644 index 0000000000000000000000000000000000000000..1c55762ae0f367863acc234412b8ee6ad665c7f0 --- /dev/null +++ b/debian/patches/cve-2022-35255.patch @@ -0,0 +1,232 @@ +Origin: https://github.com/nodejs/node/commit/0c2a5723beff39d1f62daec96b5389da3d427e79 +Reviewed-by: Aron Xu <aron@debian.org> +Last-Update: 2022-01-05 +Comment: + Although WebCrypto is not implemented in 12.x series, this fix is introducing + enhancment to the crypto setup of V8:EntropySource(). + +commit 0c2a5723beff39d1f62daec96b5389da3d427e79 +Author: Ben Noordhuis <info@bnoordhuis.nl> +Date: Sun Sep 11 10:48:34 2022 +0200 + + crypto: fix weak randomness in WebCrypto keygen + + Commit dae283d96f from August 2020 introduced a call to EntropySource() + in SecretKeyGenTraits::DoKeyGen() in src/crypto/crypto_keygen.cc. There + are two problems with that: + + 1. It does not check the return value, it assumes EntropySource() always + succeeds, but it can (and sometimes will) fail. + + 2. The random data returned byEntropySource() may not be + cryptographically strong and therefore not suitable as keying + material. + + An example is a freshly booted system or a system without /dev/random or + getrandom(2). + + EntropySource() calls out to openssl's RAND_poll() and RAND_bytes() in a + best-effort attempt to obtain random data. OpenSSL has a built-in CSPRNG + but that can fail to initialize, in which case it's possible either: + + 1. No random data gets written to the output buffer, i.e., the output is + unmodified, or + + 2. Weak random data is written. It's theoretically possible for the + output to be fully predictable because the CSPRNG starts from a + predictable state. + + Replace EntropySource() and CheckEntropy() with new function CSPRNG() + that enforces checking of the return value. Abort on startup when the + entropy pool fails to initialize because that makes it too easy to + compromise the security of the process. + + Refs: https://hackerone.com/bugs?report_id=1690000 + Refs: https://github.com/nodejs/node/pull/35093 + + Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> + Reviewed-By: Tobias Nießen <tniessen@tnie.de> + PR-URL: #346 + Backport-PR-URL: #351 + CVE-ID: CVE-2022-35255 + +Index: nodejs-12.22.12~dfsg/node.gyp +=================================================================== +--- nodejs-12.22.12~dfsg.orig/node.gyp ++++ nodejs-12.22.12~dfsg/node.gyp +@@ -743,6 +743,8 @@ + 'openssl_default_cipher_list%': '', + }, + ++ 'cflags': ['-Werror=unused-result'], ++ + 'defines': [ + 'NODE_ARCH="<(target_arch)"', + 'NODE_PLATFORM="<(OS)"', +Index: nodejs-12.22.12~dfsg/src/node_crypto.cc +=================================================================== +--- nodejs-12.22.12~dfsg.orig/src/node_crypto.cc ++++ nodejs-12.22.12~dfsg/src/node_crypto.cc +@@ -386,48 +386,14 @@ void ThrowCryptoError(Environment* env, + env->isolate()->ThrowException(exception); + } + ++MUST_USE_RESULT CSPRNGResult CSPRNG(void* buffer, size_t length) { ++ do { ++ if (1 == RAND_status()) ++ if (1 == RAND_bytes(static_cast<unsigned char*>(buffer), length)) ++ return {true}; ++ } while (1 == RAND_poll()); + +-// Ensure that OpenSSL has enough entropy (at least 256 bits) for its PRNG. +-// The entropy pool starts out empty and needs to fill up before the PRNG +-// can be used securely. Once the pool is filled, it never dries up again; +-// its contents is stirred and reused when necessary. +-// +-// OpenSSL normally fills the pool automatically but not when someone starts +-// generating random numbers before the pool is full: in that case OpenSSL +-// keeps lowering the entropy estimate to thwart attackers trying to guess +-// the initial state of the PRNG. +-// +-// When that happens, we will have to wait until enough entropy is available. +-// That should normally never take longer than a few milliseconds. +-// +-// OpenSSL draws from /dev/random and /dev/urandom. While /dev/random may +-// block pending "true" randomness, /dev/urandom is a CSPRNG that doesn't +-// block under normal circumstances. +-// +-// The only time when /dev/urandom may conceivably block is right after boot, +-// when the whole system is still low on entropy. That's not something we can +-// do anything about. +-inline void CheckEntropy() { +- for (;;) { +- int status = RAND_status(); +- CHECK_GE(status, 0); // Cannot fail. +- if (status != 0) +- break; +- +- // Give up, RAND_poll() not supported. +- if (RAND_poll() == 0) +- break; +- } +-} +- +- +-bool EntropySource(unsigned char* buffer, size_t length) { +- // Ensure that OpenSSL's PRNG is properly seeded. +- CheckEntropy(); +- // RAND_bytes() can return 0 to indicate that the entropy data is not truly +- // random. That's okay, it's still better than V8's stock source of entropy, +- // which is /dev/urandom on UNIX platforms and the current time on Windows. +- return RAND_bytes(buffer, length) != -1; ++ return {false}; + } + + void SecureContext::Initialize(Environment* env, Local<Object> target) { +@@ -649,9 +615,9 @@ void SecureContext::Init(const FunctionC + // OpenSSL 1.1.0 changed the ticket key size, but the OpenSSL 1.0.x size was + // exposed in the public API. To retain compatibility, install a callback + // which restores the old algorithm. +- if (RAND_bytes(sc->ticket_key_name_, sizeof(sc->ticket_key_name_)) <= 0 || +- RAND_bytes(sc->ticket_key_hmac_, sizeof(sc->ticket_key_hmac_)) <= 0 || +- RAND_bytes(sc->ticket_key_aes_, sizeof(sc->ticket_key_aes_)) <= 0) { ++ if (CSPRNG(sc->ticket_key_name_, sizeof(sc->ticket_key_name_)).is_err() || ++ CSPRNG(sc->ticket_key_hmac_, sizeof(sc->ticket_key_hmac_)).is_err() || ++ CSPRNG(sc->ticket_key_aes_, sizeof(sc->ticket_key_aes_)).is_err()) { + return env->ThrowError("Error generating ticket keys"); + } + SSL_CTX_set_tlsext_ticket_key_cb(sc->ctx_.get(), TicketCompatibilityCallback); +@@ -1643,7 +1609,7 @@ int SecureContext::TicketCompatibilityCa + + if (enc) { + memcpy(name, sc->ticket_key_name_, sizeof(sc->ticket_key_name_)); +- if (RAND_bytes(iv, 16) <= 0 || ++ if (CSPRNG(iv, 16).is_err() || + EVP_EncryptInit_ex(ectx, EVP_aes_128_cbc(), nullptr, + sc->ticket_key_aes_, iv) <= 0 || + HMAC_Init_ex(hctx, sc->ticket_key_hmac_, sizeof(sc->ticket_key_hmac_), +@@ -5867,8 +5833,7 @@ struct RandomBytesJob : public CryptoJob + : CryptoJob(env), rc(Nothing<int>()) {} + + inline void DoThreadPoolWork() override { +- CheckEntropy(); // Ensure that OpenSSL's PRNG is properly seeded. +- rc = Just(RAND_bytes(data, size)); ++ rc = Just(int(CSPRNG(data, size).is_ok())); + if (0 == rc.FromJust()) errors.Capture(); + } + +@@ -6318,8 +6283,8 @@ class GenerateKeyPairJob : public Crypto + } + + inline bool GenerateKey() { +- // Make sure that the CSPRNG is properly seeded so the results are secure. +- CheckEntropy(); ++ // Make sure that the CSPRNG is properly seeded. ++ CHECK(CSPRNG(nullptr, 0).is_ok()); + + // Create the key generation context. + EVPKeyCtxPointer ctx = config_->Setup(); +Index: nodejs-12.22.12~dfsg/src/node_crypto.h +=================================================================== +--- nodejs-12.22.12~dfsg.orig/src/node_crypto.h ++++ nodejs-12.22.12~dfsg/src/node_crypto.h +@@ -840,7 +840,19 @@ class ECDH final : public BaseObject { + const EC_GROUP* group_; + }; + +-bool EntropySource(unsigned char* buffer, size_t length); ++struct CSPRNGResult { ++ const bool ok; ++ MUST_USE_RESULT bool is_ok() const { return ok; } ++ MUST_USE_RESULT bool is_err() const { return !ok; } ++}; ++ ++// Either succeeds with exactly |length| bytes of cryptographically ++// strong pseudo-random data, or fails. This function may block. ++// Don't assume anything about the contents of |buffer| on error. ++// As a special case, |length == 0| can be used to check if the CSPRNG ++// is properly seeded without consuming entropy. ++MUST_USE_RESULT CSPRNGResult CSPRNG(void* buffer, size_t length); ++ + #ifndef OPENSSL_NO_ENGINE + void SetEngine(const v8::FunctionCallbackInfo<v8::Value>& args); + #endif // !OPENSSL_NO_ENGINE +Index: nodejs-12.22.12~dfsg/src/inspector_io.cc +=================================================================== +--- nodejs-12.22.12~dfsg.orig/src/inspector_io.cc ++++ nodejs-12.22.12~dfsg/src/inspector_io.cc +@@ -46,8 +46,7 @@ std::string ScriptPath(uv_loop_t* loop, + // Used ver 4 - with numbers + std::string GenerateID() { + uint16_t buffer[8]; +- CHECK(crypto::EntropySource(reinterpret_cast<unsigned char*>(buffer), +- sizeof(buffer))); ++ CHECK(crypto::CSPRNG(buffer, sizeof(buffer)).is_ok()); + + char uuid[256]; + snprintf(uuid, sizeof(uuid), "%04x%04x-%04x-%04x-%04x-%04x%04x%04x", +Index: nodejs-12.22.12~dfsg/src/node.cc +=================================================================== +--- nodejs-12.22.12~dfsg.orig/src/node.cc ++++ nodejs-12.22.12~dfsg/src/node.cc +@@ -969,9 +969,17 @@ InitializationResult InitializeOncePerPr + // the random source is properly initialized first. + OPENSSL_init(); + #endif // NODE_FIPS_MODE +- // V8 on Windows doesn't have a good source of entropy. Seed it from +- // OpenSSL's pool. +- V8::SetEntropySource(crypto::EntropySource); ++ // Ensure CSPRNG is properly seeded. ++ CHECK(crypto::CSPRNG(nullptr, 0).is_ok()); ++ ++ V8::SetEntropySource([](unsigned char* buffer, size_t length) { ++ // V8 falls back to very weak entropy when this function fails ++ // and /dev/urandom isn't available. That wouldn't be so bad if ++ // the entropy was only used for Math.random() but it's also used for ++ // hash table and address space layout randomization. Better to abort. ++ CHECK(crypto::CSPRNG(buffer, length).is_ok()); ++ return true; ++ }); + #endif // HAVE_OPENSSL + + per_process::v8_platform.Initialize( diff --git a/debian/patches/cve-2022-43548.patch b/debian/patches/cve-2022-43548.patch new file mode 100644 index 0000000000000000000000000000000000000000..df9b7a18e8c2fee4c35d2c98adf9239b42bc8640 --- /dev/null +++ b/debian/patches/cve-2022-43548.patch @@ -0,0 +1,209 @@ +commit 2b433af094fb79cf80f086038b7f36342cb6826f +Author: Tobias Nießen <tniessen@tnie.de> +Date: Sun Sep 25 12:34:05 2022 +0000 + + inspector: harden IP address validation again + + Use inet_pton() to parse IP addresses, which restricts IP addresses + to a small number of well-defined formats. In particular, octal and + hexadecimal number formats are not allowed, and neither are leading + zeros. Also explicitly reject 0.0.0.0/8 and ::/128 as non-routable. + + Refs: https://hackerone.com/reports/1710652 + CVE-ID: CVE-2022-43548 + PR-URL: https://github.com/nodejs-private/node-private/pull/354 + Reviewed-by: Michael Dawson <midawson@redhat.com> + Reviewed-by: Rafael Gonzaga <rafael.nunu@hotmail.com> + Reviewed-by: Rich Trott <rtrott@gmail.com> + +Index: nodejs-12.22.12~dfsg/src/inspector_socket.cc +=================================================================== +--- nodejs-12.22.12~dfsg.orig/src/inspector_socket.cc ++++ nodejs-12.22.12~dfsg/src/inspector_socket.cc +@@ -10,6 +10,7 @@ + + #include "openssl/sha.h" // Sha-1 hash + ++#include <algorithm> + #include <cstring> + #include <map> + +@@ -166,25 +167,71 @@ static std::string TrimPort(const std::s + } + + static bool IsIPAddress(const std::string& host) { +- if (host.length() >= 4 && host.front() == '[' && host.back() == ']') ++ // TODO(tniessen): add CVEs to the following bullet points ++ // To avoid DNS rebinding attacks, we are aware of the following requirements: ++ // * the host name must be an IP address, ++ // * the IP address must be routable, and ++ // * the IP address must be formatted unambiguously. ++ ++ // The logic below assumes that the string is null-terminated, so ensure that ++ // we did not somehow end up with null characters within the string. ++ if (host.find('\0') != std::string::npos) return false; ++ ++ // All IPv6 addresses must be enclosed in square brackets, and anything ++ // enclosed in square brackets must be an IPv6 address. ++ if (host.length() >= 4 && host.front() == '[' && host.back() == ']') { ++ // INET6_ADDRSTRLEN is the maximum length of the dual format (including the ++ // terminating null character), which is the longest possible representation ++ // of an IPv6 address: xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:ddd.ddd.ddd.ddd ++ if (host.length() - 2 >= INET6_ADDRSTRLEN) return false; ++ ++ // Annoyingly, libuv's implementation of inet_pton() deviates from other ++ // implementations of the function in that it allows '%' in IPv6 addresses. ++ if (host.find('%') != std::string::npos) return false; ++ ++ // Parse the IPv6 address to ensure it is syntactically valid. ++ char ipv6_str[INET6_ADDRSTRLEN]; ++ std::copy(host.begin() + 1, host.end() - 1, ipv6_str); ++ ipv6_str[host.length()] = '\0'; ++ unsigned char ipv6[sizeof(struct in6_addr)]; ++ if (uv_inet_pton(AF_INET6, ipv6_str, ipv6) != 0) return false; ++ ++ // The only non-routable IPv6 address is ::/128. It should not be necessary ++ // to explicitly reject it because it will still be enclosed in square ++ // brackets and not even macOS should make DNS requests in that case, but ++ // history has taught us that we cannot be careful enough. ++ // Note that RFC 4291 defines both "IPv4-Compatible IPv6 Addresses" and ++ // "IPv4-Mapped IPv6 Addresses", which means that there are IPv6 addresses ++ // (other than ::/128) that represent non-routable IPv4 addresses. However, ++ // this translation assumes that the host is interpreted as an IPv6 address ++ // in the first place, at which point DNS rebinding should not be an issue. ++ if (std::all_of(ipv6, ipv6 + sizeof(ipv6), [](auto b) { return b == 0; })) { ++ return false; ++ } ++ ++ // It is a syntactically valid and routable IPv6 address enclosed in square ++ // brackets. No client should be able to misinterpret this. + return true; +- uint_fast16_t accum = 0; +- uint_fast8_t quads = 0; +- bool empty = true; +- auto endOctet = [&accum, &quads, &empty](bool final = false) { +- return !empty && accum <= 0xff && ++quads <= 4 && final == (quads == 4) && +- (empty = true) && !(accum = 0); +- }; +- for (char c : host) { +- if (isdigit(c)) { +- if ((accum = (accum * 10) + (c - '0')) > 0xff) return false; +- empty = false; +- } else if (c != '.' || !endOctet()) { +- return false; +- } +- } +- return endOctet(true); +-} ++ } ++ ++ // Anything not enclosed in square brackets must be an IPv4 address. It is ++ // important here that inet_pton() accepts only the so-called dotted-decimal ++ // notation, which is a strict subset of the so-called numbers-and-dots ++ // notation that is allowed by inet_aton() and inet_addr(). This subset does ++ // not allow hexadecimal or octal number formats. ++ unsigned char ipv4[sizeof(struct in_addr)]; ++ if (uv_inet_pton(AF_INET, host.c_str(), ipv4) != 0) return false; ++ ++ // The only strictly non-routable IPv4 address is 0.0.0.0, and macOS will make ++ // DNS requests for this IP address, so we need to explicitly reject it. In ++ // fact, we can safely reject all of 0.0.0.0/8 (see Section 3.2 of RFC 791 and ++ // Section 3.2.1.3 of RFC 1122). ++ // Note that inet_pton() stores the IPv4 address in network byte order. ++ if (ipv4[0] == 0) return false; ++ ++ // It is a routable IPv4 address in dotted-decimal notation. ++ return true; ++ } + + // Constants for hybi-10 frame format. + +Index: nodejs-12.22.12~dfsg/test/cctest/test_inspector_socket.cc +=================================================================== +--- nodejs-12.22.12~dfsg.orig/test/cctest/test_inspector_socket.cc ++++ nodejs-12.22.12~dfsg/test/cctest/test_inspector_socket.cc +@@ -925,4 +925,84 @@ TEST_F(InspectorSocketTest, HostIpTooMan + expect_handshake_failure(); + } + ++TEST_F(InspectorSocketTest, HostIpInvalidOctalOctetStartChecked) { ++ const std::string INVALID_HOST_IP_REQUEST = "GET /json HTTP/1.1\r\n" ++ "Host: 08.1.1.1:9229\r\n\r\n"; ++ send_in_chunks(INVALID_HOST_IP_REQUEST.c_str(), ++ INVALID_HOST_IP_REQUEST.length()); ++ expect_handshake_failure(); ++} ++ ++TEST_F(InspectorSocketTest, HostIpInvalidOctalOctetMidChecked) { ++ const std::string INVALID_HOST_IP_REQUEST = "GET /json HTTP/1.1\r\n" ++ "Host: 1.09.1.1:9229\r\n\r\n"; ++ send_in_chunks(INVALID_HOST_IP_REQUEST.c_str(), ++ INVALID_HOST_IP_REQUEST.length()); ++ expect_handshake_failure(); ++} ++ ++TEST_F(InspectorSocketTest, HostIpInvalidOctalOctetEndChecked) { ++ const std::string INVALID_HOST_IP_REQUEST = "GET /json HTTP/1.1\r\n" ++ "Host: 1.1.1.009:9229\r\n\r\n"; ++ send_in_chunks(INVALID_HOST_IP_REQUEST.c_str(), ++ INVALID_HOST_IP_REQUEST.length()); ++ expect_handshake_failure(); ++} ++ ++TEST_F(InspectorSocketTest, HostIpLeadingZeroStartChecked) { ++ const std::string INVALID_HOST_IP_REQUEST = "GET /json HTTP/1.1\r\n" ++ "Host: 01.1.1.1:9229\r\n\r\n"; ++ send_in_chunks(INVALID_HOST_IP_REQUEST.c_str(), ++ INVALID_HOST_IP_REQUEST.length()); ++ expect_handshake_failure(); ++} ++ ++TEST_F(InspectorSocketTest, HostIpLeadingZeroMidChecked) { ++ const std::string INVALID_HOST_IP_REQUEST = "GET /json HTTP/1.1\r\n" ++ "Host: 1.1.001.1:9229\r\n\r\n"; ++ send_in_chunks(INVALID_HOST_IP_REQUEST.c_str(), ++ INVALID_HOST_IP_REQUEST.length()); ++ expect_handshake_failure(); ++} ++ ++TEST_F(InspectorSocketTest, HostIpLeadingZeroEndChecked) { ++ const std::string INVALID_HOST_IP_REQUEST = "GET /json HTTP/1.1\r\n" ++ "Host: 1.1.1.01:9229\r\n\r\n"; ++ send_in_chunks(INVALID_HOST_IP_REQUEST.c_str(), ++ INVALID_HOST_IP_REQUEST.length()); ++ expect_handshake_failure(); ++} ++ ++TEST_F(InspectorSocketTest, HostIPv6NonRoutable) { ++ const std::string INVALID_HOST_IP_REQUEST = "GET /json HTTP/1.1\r\n" ++ "Host: [::]:9229\r\n\r\n"; ++ send_in_chunks(INVALID_HOST_IP_REQUEST.c_str(), ++ INVALID_HOST_IP_REQUEST.length()); ++ expect_handshake_failure(); ++} ++ ++TEST_F(InspectorSocketTest, HostIPv6NonRoutableDual) { ++ const std::string INVALID_HOST_IP_REQUEST = "GET /json HTTP/1.1\r\n" ++ "Host: [::0.0.0.0]:9229\r\n\r\n"; ++ send_in_chunks(INVALID_HOST_IP_REQUEST.c_str(), ++ INVALID_HOST_IP_REQUEST.length()); ++ expect_handshake_failure(); ++} ++ ++TEST_F(InspectorSocketTest, HostIPv4InSquareBrackets) { ++ const std::string INVALID_HOST_IP_REQUEST = "GET /json HTTP/1.1\r\n" ++ "Host: [127.0.0.1]:9229\r\n\r\n"; ++ send_in_chunks(INVALID_HOST_IP_REQUEST.c_str(), ++ INVALID_HOST_IP_REQUEST.length()); ++ expect_handshake_failure(); ++} ++ ++TEST_F(InspectorSocketTest, HostIPv6InvalidAbbreviation) { ++ const std::string INVALID_HOST_IP_REQUEST = "GET /json HTTP/1.1\r\n" ++ "Host: [:::1]:9229\r\n\r\n"; ++ send_in_chunks(INVALID_HOST_IP_REQUEST.c_str(), ++ INVALID_HOST_IP_REQUEST.length()); ++ expect_handshake_failure(); ++} ++ + } // anonymous namespace diff --git a/debian/patches/cve-llhttp.patch b/debian/patches/cve-llhttp.patch new file mode 100644 index 0000000000000000000000000000000000000000..902dd1bfb02c6c279a2dab8e18f4829c02941233 --- /dev/null +++ b/debian/patches/cve-llhttp.patch @@ -0,0 +1,4342 @@ +Reviewed-by: Aron Xu <aron@debian.org> +Last-Update: 2023-01-05 +Comment: + This patch updates the embeded copy of llhttp from version 2.1.4 to 2.1.6, + which is upstream's actual fix for CVE-2022-32213, CVE-2022-32214, CVE-2022-32215, + CVE-2022-35256. + Test cases are ported to use mustCall() to replace the later introduced + mustSucceed(), to avoid pulling in too many dependent new test codes. +References: + * https://github.com/nodejs/node/commit/da0fda0fe81d372e24c0cb11aec37534985708dd + * https://github.com/nodejs/node/commit/a9f1146b8827855e342834458a71f2367346ace0 +--- nodejs-12.22.12~dfsg/deps/llhttp/include/llhttp.h ++++ nodejs-12.22.12~dfsg/deps/llhttp/include/llhttp.h +@@ -3,7 +3,7 @@ + + #define LLHTTP_VERSION_MAJOR 2 + #define LLHTTP_VERSION_MINOR 1 +-#define LLHTTP_VERSION_PATCH 4 ++#define LLHTTP_VERSION_PATCH 6 + + #ifndef LLHTTP_STRICT_MODE + # define LLHTTP_STRICT_MODE 0 +@@ -58,6 +58,7 @@ + HPE_OK = 0, + HPE_INTERNAL = 1, + HPE_STRICT = 2, ++ HPE_CR_EXPECTED = 25, + HPE_LF_EXPECTED = 3, + HPE_UNEXPECTED_CONTENT_LENGTH = 4, + HPE_CLOSED_CONNECTION = 5, +@@ -78,7 +79,7 @@ + HPE_CB_CHUNK_COMPLETE = 20, + HPE_PAUSED = 21, + HPE_PAUSED_UPGRADE = 22, +- HPE_USER = 23 ++ HPE_USER = 24 + }; + typedef enum llhttp_errno llhttp_errno_t; + +@@ -153,6 +154,7 @@ + XX(0, OK, OK) \ + XX(1, INTERNAL, INTERNAL) \ + XX(2, STRICT, STRICT) \ ++ XX(25, CR_EXPECTED, CR_EXPECTED) \ + XX(3, LF_EXPECTED, LF_EXPECTED) \ + XX(4, UNEXPECTED_CONTENT_LENGTH, UNEXPECTED_CONTENT_LENGTH) \ + XX(5, CLOSED_CONNECTION, CLOSED_CONNECTION) \ +@@ -173,7 +175,7 @@ + XX(20, CB_CHUNK_COMPLETE, CB_CHUNK_COMPLETE) \ + XX(21, PAUSED, PAUSED) \ + XX(22, PAUSED_UPGRADE, PAUSED_UPGRADE) \ +- XX(23, USER, USER) \ ++ XX(24, USER, USER) \ + + + #define HTTP_METHOD_MAP(XX) \ +--- nodejs-12.22.12~dfsg/deps/llhttp/src/llhttp.c ++++ nodejs-12.22.12~dfsg/deps/llhttp/src/llhttp.c +@@ -325,6 +325,7 @@ + s_n_llhttp__internal__n_header_value_lws, + s_n_llhttp__internal__n_header_value_almost_done, + s_n_llhttp__internal__n_header_value_lenient, ++ s_n_llhttp__internal__n_error_25, + s_n_llhttp__internal__n_header_value_otherwise, + s_n_llhttp__internal__n_header_value_connection_token, + s_n_llhttp__internal__n_header_value_connection_ws, +@@ -332,14 +333,16 @@ + s_n_llhttp__internal__n_header_value_connection_2, + s_n_llhttp__internal__n_header_value_connection_3, + s_n_llhttp__internal__n_header_value_connection, +- s_n_llhttp__internal__n_error_26, + s_n_llhttp__internal__n_error_27, ++ s_n_llhttp__internal__n_error_28, + s_n_llhttp__internal__n_header_value_content_length_ws, + s_n_llhttp__internal__n_header_value_content_length, +- s_n_llhttp__internal__n_header_value_te_chunked_last, ++ s_n_llhttp__internal__n_error_30, ++ s_n_llhttp__internal__n_error_29, + s_n_llhttp__internal__n_header_value_te_token_ows, + s_n_llhttp__internal__n_header_value, + s_n_llhttp__internal__n_header_value_te_token, ++ s_n_llhttp__internal__n_header_value_te_chunked_last, + s_n_llhttp__internal__n_header_value_te_chunked, + s_n_llhttp__internal__n_span_start_llhttp__on_header_value_1, + s_n_llhttp__internal__n_header_value_discard_ws, +@@ -734,7 +737,7 @@ + return 0; + } + +-int llhttp__internal__c_update_header_state_2( ++int llhttp__internal__c_update_header_state_3( + llhttp__internal_t* state, + const unsigned char* p, + const unsigned char* endp) { +@@ -742,7 +745,7 @@ + return 0; + } + +-int llhttp__internal__c_update_header_state_4( ++int llhttp__internal__c_update_header_state_1( + llhttp__internal_t* state, + const unsigned char* p, + const unsigned char* endp) { +@@ -750,7 +753,7 @@ + return 0; + } + +-int llhttp__internal__c_update_header_state_5( ++int llhttp__internal__c_update_header_state_6( + llhttp__internal_t* state, + const unsigned char* p, + const unsigned char* endp) { +@@ -758,7 +761,7 @@ + return 0; + } + +-int llhttp__internal__c_update_header_state_6( ++int llhttp__internal__c_update_header_state_7( + llhttp__internal_t* state, + const unsigned char* p, + const unsigned char* endp) { +@@ -766,7 +769,7 @@ + return 0; + } + +-int llhttp__internal__c_test_flags_6( ++int llhttp__internal__c_test_flags_7( + llhttp__internal_t* state, + const unsigned char* p, + const unsigned char* endp) { +@@ -807,6 +810,13 @@ + return 0; + } + ++int llhttp__internal__c_test_flags_8( ++ llhttp__internal_t* state, ++ const unsigned char* p, ++ const unsigned char* endp) { ++ return (state->flags & 8) == 8; ++} ++ + int llhttp__internal__c_or_flags_16( + llhttp__internal_t* state, + const unsigned char* p, +@@ -823,7 +833,7 @@ + return 0; + } + +-int llhttp__internal__c_update_header_state_7( ++int llhttp__internal__c_update_header_state_8( + llhttp__internal_t* state, + const unsigned char* p, + const unsigned char* endp) { +@@ -831,7 +841,7 @@ + return 0; + } + +-int llhttp__internal__c_or_flags_17( ++int llhttp__internal__c_or_flags_18( + llhttp__internal_t* state, + const unsigned char* p, + const unsigned char* endp) { +@@ -1554,7 +1564,7 @@ + goto s_n_llhttp__internal__n_header_value_discard_lws; + } + default: { +- goto s_n_llhttp__internal__n_error_22; ++ goto s_n_llhttp__internal__n_error_23; + } + } + /* UNREACHABLE */; +@@ -1567,13 +1577,13 @@ + } + switch (*p) { + case 9: { +- goto s_n_llhttp__internal__n_span_start_llhttp__on_header_value_1; ++ goto s_n_llhttp__internal__n_invoke_load_header_state_3; + } + case ' ': { +- goto s_n_llhttp__internal__n_span_start_llhttp__on_header_value_1; ++ goto s_n_llhttp__internal__n_invoke_load_header_state_3; + } + default: { +- goto s_n_llhttp__internal__n_invoke_load_header_state_3; ++ goto s_n_llhttp__internal__n_invoke_load_header_state_4; + } + } + /* UNREACHABLE */; +@@ -1590,7 +1600,7 @@ + goto s_n_llhttp__internal__n_header_value_lws; + } + default: { +- goto s_n_llhttp__internal__n_error_23; ++ goto s_n_llhttp__internal__n_error_24; + } + } + /* UNREACHABLE */; +@@ -1603,10 +1613,10 @@ + } + switch (*p) { + case 10: { +- goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_1; ++ goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_3; + } + case 13: { +- goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_3; ++ goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_4; + } + default: { + p++; +@@ -1616,20 +1626,27 @@ + /* UNREACHABLE */; + abort(); + } ++ case s_n_llhttp__internal__n_error_25: ++ s_n_llhttp__internal__n_error_25: { ++ state->error = 0xa; ++ state->reason = "Invalid header value char"; ++ state->error_pos = (const char*) p; ++ state->_current = (void*) (intptr_t) s_error; ++ return s_error; ++ /* UNREACHABLE */; ++ abort(); ++ } + case s_n_llhttp__internal__n_header_value_otherwise: + s_n_llhttp__internal__n_header_value_otherwise: { + if (p == endp) { + return s_n_llhttp__internal__n_header_value_otherwise; + } + switch (*p) { +- case 10: { +- goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_1; +- } + case 13: { +- goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_2; ++ goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_1; + } + default: { +- goto s_n_llhttp__internal__n_invoke_test_flags_5; ++ goto s_n_llhttp__internal__n_invoke_test_flags_6; + } + } + /* UNREACHABLE */; +@@ -1692,10 +1709,10 @@ + } + case ',': { + p++; +- goto s_n_llhttp__internal__n_invoke_load_header_state_4; ++ goto s_n_llhttp__internal__n_invoke_load_header_state_5; + } + default: { +- goto s_n_llhttp__internal__n_invoke_update_header_state_4; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_5; + } + } + /* UNREACHABLE */; +@@ -1713,7 +1730,7 @@ + switch (match_seq.status) { + case kMatchComplete: { + p++; +- goto s_n_llhttp__internal__n_invoke_update_header_state_2; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_3; + } + case kMatchPause: { + return s_n_llhttp__internal__n_header_value_connection_1; +@@ -1737,7 +1754,7 @@ + switch (match_seq.status) { + case kMatchComplete: { + p++; +- goto s_n_llhttp__internal__n_invoke_update_header_state_5; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_6; + } + case kMatchPause: { + return s_n_llhttp__internal__n_header_value_connection_2; +@@ -1761,7 +1778,7 @@ + switch (match_seq.status) { + case kMatchComplete: { + p++; +- goto s_n_llhttp__internal__n_invoke_update_header_state_6; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_7; + } + case kMatchPause: { + return s_n_llhttp__internal__n_header_value_connection_3; +@@ -1806,8 +1823,8 @@ + /* UNREACHABLE */; + abort(); + } +- case s_n_llhttp__internal__n_error_26: +- s_n_llhttp__internal__n_error_26: { ++ case s_n_llhttp__internal__n_error_27: ++ s_n_llhttp__internal__n_error_27: { + state->error = 0xb; + state->reason = "Content-Length overflow"; + state->error_pos = (const char*) p; +@@ -1816,8 +1833,8 @@ + /* UNREACHABLE */; + abort(); + } +- case s_n_llhttp__internal__n_error_27: +- s_n_llhttp__internal__n_error_27: { ++ case s_n_llhttp__internal__n_error_28: ++ s_n_llhttp__internal__n_error_28: { + state->error = 0xb; + state->reason = "Invalid character in Content-Length"; + state->error_pos = (const char*) p; +@@ -1843,7 +1860,7 @@ + goto s_n_llhttp__internal__n_header_value_content_length_ws; + } + default: { +- goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_5; ++ goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_6; + } + } + /* UNREACHABLE */; +@@ -1912,26 +1929,23 @@ + /* UNREACHABLE */; + abort(); + } +- case s_n_llhttp__internal__n_header_value_te_chunked_last: +- s_n_llhttp__internal__n_header_value_te_chunked_last: { +- if (p == endp) { +- return s_n_llhttp__internal__n_header_value_te_chunked_last; +- } +- switch (*p) { +- case 10: { +- goto s_n_llhttp__internal__n_invoke_update_header_state_7; +- } +- case 13: { +- goto s_n_llhttp__internal__n_invoke_update_header_state_7; +- } +- case ' ': { +- p++; +- goto s_n_llhttp__internal__n_header_value_te_chunked_last; +- } +- default: { +- goto s_n_llhttp__internal__n_header_value_te_chunked; +- } +- } ++ case s_n_llhttp__internal__n_error_30: ++ s_n_llhttp__internal__n_error_30: { ++ state->error = 0xf; ++ state->reason = "Invalid `Transfer-Encoding` header value"; ++ state->error_pos = (const char*) p; ++ state->_current = (void*) (intptr_t) s_error; ++ return s_error; ++ /* UNREACHABLE */; ++ abort(); ++ } ++ case s_n_llhttp__internal__n_error_29: ++ s_n_llhttp__internal__n_error_29: { ++ state->error = 0xf; ++ state->reason = "Invalid `Transfer-Encoding` header value"; ++ state->error_pos = (const char*) p; ++ state->_current = (void*) (intptr_t) s_error; ++ return s_error; + /* UNREACHABLE */; + abort(); + } +@@ -2048,8 +2062,34 @@ + goto s_n_llhttp__internal__n_header_value_te_token_ows; + } + default: { ++ goto s_n_llhttp__internal__n_invoke_update_header_state_9; ++ } ++ } ++ /* UNREACHABLE */; ++ abort(); ++ } ++ case s_n_llhttp__internal__n_header_value_te_chunked_last: ++ s_n_llhttp__internal__n_header_value_te_chunked_last: { ++ if (p == endp) { ++ return s_n_llhttp__internal__n_header_value_te_chunked_last; ++ } ++ switch (*p) { ++ case 10: { ++ goto s_n_llhttp__internal__n_invoke_update_header_state_8; ++ } ++ case 13: { + goto s_n_llhttp__internal__n_invoke_update_header_state_8; + } ++ case ' ': { ++ p++; ++ goto s_n_llhttp__internal__n_header_value_te_chunked_last; ++ } ++ case ',': { ++ goto s_n_llhttp__internal__n_invoke_load_type_1; ++ } ++ default: { ++ goto s_n_llhttp__internal__n_header_value_te_token; ++ } + } + /* UNREACHABLE */; + abort(); +@@ -2101,7 +2141,7 @@ + } + case 10: { + p++; +- goto s_n_llhttp__internal__n_header_value_discard_lws; ++ goto s_n_llhttp__internal__n_invoke_test_flags_5; + } + case 13: { + p++; +@@ -2128,7 +2168,7 @@ + goto s_n_llhttp__internal__n_span_end_llhttp__on_header_field_2; + } + default: { +- goto s_n_llhttp__internal__n_error_28; ++ goto s_n_llhttp__internal__n_error_31; + } + } + /* UNREACHABLE */; +@@ -2218,7 +2258,7 @@ + goto s_n_llhttp__internal__n_span_end_llhttp__on_header_field_1; + } + default: { +- goto s_n_llhttp__internal__n_invoke_update_header_state_9; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_10; + } + } + /* UNREACHABLE */; +@@ -2243,7 +2283,7 @@ + return s_n_llhttp__internal__n_header_field_3; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_invoke_update_header_state_10; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_11; + } + } + /* UNREACHABLE */; +@@ -2268,7 +2308,7 @@ + return s_n_llhttp__internal__n_header_field_4; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_invoke_update_header_state_10; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_11; + } + } + /* UNREACHABLE */; +@@ -2289,7 +2329,7 @@ + goto s_n_llhttp__internal__n_header_field_4; + } + default: { +- goto s_n_llhttp__internal__n_invoke_update_header_state_10; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_11; + } + } + /* UNREACHABLE */; +@@ -2313,7 +2353,7 @@ + return s_n_llhttp__internal__n_header_field_1; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_invoke_update_header_state_10; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_11; + } + } + /* UNREACHABLE */; +@@ -2338,7 +2378,7 @@ + return s_n_llhttp__internal__n_header_field_5; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_invoke_update_header_state_10; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_11; + } + } + /* UNREACHABLE */; +@@ -2363,7 +2403,7 @@ + return s_n_llhttp__internal__n_header_field_6; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_invoke_update_header_state_10; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_11; + } + } + /* UNREACHABLE */; +@@ -2388,7 +2428,7 @@ + return s_n_llhttp__internal__n_header_field_7; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_invoke_update_header_state_10; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_11; + } + } + /* UNREACHABLE */; +@@ -2417,7 +2457,7 @@ + goto s_n_llhttp__internal__n_header_field_7; + } + default: { +- goto s_n_llhttp__internal__n_invoke_update_header_state_10; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_11; + } + } + /* UNREACHABLE */; +@@ -2508,7 +2548,7 @@ + goto s_n_llhttp__internal__n_url_to_http_09; + } + default: { +- goto s_n_llhttp__internal__n_error_29; ++ goto s_n_llhttp__internal__n_error_32; + } + } + /* UNREACHABLE */; +@@ -2533,7 +2573,7 @@ + goto s_n_llhttp__internal__n_url_skip_lf_to_http09_1; + } + default: { +- goto s_n_llhttp__internal__n_error_29; ++ goto s_n_llhttp__internal__n_error_32; + } + } + /* UNREACHABLE */; +@@ -2550,7 +2590,7 @@ + goto s_n_llhttp__internal__n_header_field_start; + } + default: { +- goto s_n_llhttp__internal__n_error_30; ++ goto s_n_llhttp__internal__n_error_33; + } + } + /* UNREACHABLE */; +@@ -2571,7 +2611,7 @@ + goto s_n_llhttp__internal__n_req_http_end_1; + } + default: { +- goto s_n_llhttp__internal__n_error_30; ++ goto s_n_llhttp__internal__n_error_33; + } + } + /* UNREACHABLE */; +@@ -2634,7 +2674,7 @@ + goto s_n_llhttp__internal__n_invoke_store_http_minor; + } + default: { +- goto s_n_llhttp__internal__n_error_31; ++ goto s_n_llhttp__internal__n_error_34; + } + } + /* UNREACHABLE */; +@@ -2651,7 +2691,7 @@ + goto s_n_llhttp__internal__n_req_http_minor; + } + default: { +- goto s_n_llhttp__internal__n_error_32; ++ goto s_n_llhttp__internal__n_error_35; + } + } + /* UNREACHABLE */; +@@ -2714,7 +2754,7 @@ + goto s_n_llhttp__internal__n_invoke_store_http_major; + } + default: { +- goto s_n_llhttp__internal__n_error_33; ++ goto s_n_llhttp__internal__n_error_36; + } + } + /* UNREACHABLE */; +@@ -2738,7 +2778,7 @@ + return s_n_llhttp__internal__n_req_http_start_1; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_35; ++ goto s_n_llhttp__internal__n_error_38; + } + } + /* UNREACHABLE */; +@@ -2762,7 +2802,7 @@ + return s_n_llhttp__internal__n_req_http_start_2; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_35; ++ goto s_n_llhttp__internal__n_error_38; + } + } + /* UNREACHABLE */; +@@ -2787,7 +2827,7 @@ + goto s_n_llhttp__internal__n_req_http_start_2; + } + default: { +- goto s_n_llhttp__internal__n_error_35; ++ goto s_n_llhttp__internal__n_error_38; + } + } + /* UNREACHABLE */; +@@ -2878,7 +2918,7 @@ + goto s_n_llhttp__internal__n_url_fragment; + } + default: { +- goto s_n_llhttp__internal__n_error_36; ++ goto s_n_llhttp__internal__n_error_39; + } + } + /* UNREACHABLE */; +@@ -2939,7 +2979,7 @@ + goto s_n_llhttp__internal__n_span_end_stub_query_3; + } + default: { +- goto s_n_llhttp__internal__n_error_37; ++ goto s_n_llhttp__internal__n_error_40; + } + } + /* UNREACHABLE */; +@@ -2977,7 +3017,7 @@ + goto s_n_llhttp__internal__n_url_query; + } + default: { +- goto s_n_llhttp__internal__n_error_38; ++ goto s_n_llhttp__internal__n_error_41; + } + } + /* UNREACHABLE */; +@@ -3102,10 +3142,10 @@ + } + case 8: { + p++; +- goto s_n_llhttp__internal__n_error_39; ++ goto s_n_llhttp__internal__n_error_42; + } + default: { +- goto s_n_llhttp__internal__n_error_40; ++ goto s_n_llhttp__internal__n_error_43; + } + } + /* UNREACHABLE */; +@@ -3164,7 +3204,7 @@ + goto s_n_llhttp__internal__n_url_server_with_at; + } + default: { +- goto s_n_llhttp__internal__n_error_41; ++ goto s_n_llhttp__internal__n_error_44; + } + } + /* UNREACHABLE */; +@@ -3181,7 +3221,7 @@ + goto s_n_llhttp__internal__n_url_server; + } + default: { +- goto s_n_llhttp__internal__n_error_43; ++ goto s_n_llhttp__internal__n_error_46; + } + } + /* UNREACHABLE */; +@@ -3199,7 +3239,7 @@ + } + case 10: { + p++; +- goto s_n_llhttp__internal__n_error_42; ++ goto s_n_llhttp__internal__n_error_45; + } + case 12: { + p++; +@@ -3207,18 +3247,18 @@ + } + case 13: { + p++; +- goto s_n_llhttp__internal__n_error_42; ++ goto s_n_llhttp__internal__n_error_45; + } + case ' ': { + p++; +- goto s_n_llhttp__internal__n_error_42; ++ goto s_n_llhttp__internal__n_error_45; + } + case '/': { + p++; + goto s_n_llhttp__internal__n_url_schema_delim_1; + } + default: { +- goto s_n_llhttp__internal__n_error_43; ++ goto s_n_llhttp__internal__n_error_46; + } + } + /* UNREACHABLE */; +@@ -3264,7 +3304,7 @@ + } + case 2: { + p++; +- goto s_n_llhttp__internal__n_error_42; ++ goto s_n_llhttp__internal__n_error_45; + } + case 3: { + goto s_n_llhttp__internal__n_span_end_stub_schema; +@@ -3274,7 +3314,7 @@ + goto s_n_llhttp__internal__n_url_schema; + } + default: { +- goto s_n_llhttp__internal__n_error_44; ++ goto s_n_llhttp__internal__n_error_47; + } + } + /* UNREACHABLE */; +@@ -3310,7 +3350,7 @@ + } + case 2: { + p++; +- goto s_n_llhttp__internal__n_error_42; ++ goto s_n_llhttp__internal__n_error_45; + } + case 3: { + goto s_n_llhttp__internal__n_span_start_stub_path_2; +@@ -3319,7 +3359,7 @@ + goto s_n_llhttp__internal__n_url_schema; + } + default: { +- goto s_n_llhttp__internal__n_error_45; ++ goto s_n_llhttp__internal__n_error_48; + } + } + /* UNREACHABLE */; +@@ -3417,7 +3457,7 @@ + goto s_n_llhttp__internal__n_req_spaces_before_url; + } + default: { +- goto s_n_llhttp__internal__n_error_46; ++ goto s_n_llhttp__internal__n_error_49; + } + } + /* UNREACHABLE */; +@@ -3442,7 +3482,7 @@ + return s_n_llhttp__internal__n_start_req_1; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -3467,7 +3507,7 @@ + return s_n_llhttp__internal__n_start_req_2; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -3492,7 +3532,7 @@ + return s_n_llhttp__internal__n_start_req_4; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -3517,7 +3557,7 @@ + return s_n_llhttp__internal__n_start_req_6; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -3535,7 +3575,7 @@ + goto s_n_llhttp__internal__n_invoke_store_method_1; + } + default: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -3556,7 +3596,7 @@ + goto s_n_llhttp__internal__n_start_req_7; + } + default: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -3577,7 +3617,7 @@ + goto s_n_llhttp__internal__n_start_req_5; + } + default: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -3602,7 +3642,7 @@ + return s_n_llhttp__internal__n_start_req_8; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -3627,7 +3667,7 @@ + return s_n_llhttp__internal__n_start_req_9; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -3652,7 +3692,7 @@ + return s_n_llhttp__internal__n_start_req_10; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -3677,7 +3717,7 @@ + return s_n_llhttp__internal__n_start_req_12; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -3702,7 +3742,7 @@ + return s_n_llhttp__internal__n_start_req_13; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -3723,7 +3763,7 @@ + goto s_n_llhttp__internal__n_start_req_13; + } + default: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -3748,7 +3788,7 @@ + return s_n_llhttp__internal__n_start_req_15; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -3773,7 +3813,7 @@ + return s_n_llhttp__internal__n_start_req_16; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -3798,7 +3838,7 @@ + return s_n_llhttp__internal__n_start_req_18; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -3823,7 +3863,7 @@ + return s_n_llhttp__internal__n_start_req_20; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -3841,7 +3881,7 @@ + goto s_n_llhttp__internal__n_invoke_store_method_1; + } + default: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -3862,7 +3902,7 @@ + goto s_n_llhttp__internal__n_start_req_21; + } + default: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -3883,7 +3923,7 @@ + goto s_n_llhttp__internal__n_start_req_19; + } + default: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -3908,7 +3948,7 @@ + return s_n_llhttp__internal__n_start_req_22; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -3937,7 +3977,7 @@ + goto s_n_llhttp__internal__n_start_req_22; + } + default: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -3962,7 +4002,7 @@ + return s_n_llhttp__internal__n_start_req_23; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -3987,7 +4027,7 @@ + return s_n_llhttp__internal__n_start_req_24; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -4012,7 +4052,7 @@ + return s_n_llhttp__internal__n_start_req_26; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -4037,7 +4077,7 @@ + return s_n_llhttp__internal__n_start_req_27; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -4062,7 +4102,7 @@ + return s_n_llhttp__internal__n_start_req_31; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -4087,7 +4127,7 @@ + return s_n_llhttp__internal__n_start_req_32; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -4108,7 +4148,7 @@ + goto s_n_llhttp__internal__n_start_req_32; + } + default: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -4125,7 +4165,7 @@ + goto s_n_llhttp__internal__n_start_req_30; + } + default: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -4147,7 +4187,7 @@ + goto s_n_llhttp__internal__n_start_req_29; + } + default: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -4172,7 +4212,7 @@ + return s_n_llhttp__internal__n_start_req_34; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -4194,7 +4234,7 @@ + goto s_n_llhttp__internal__n_invoke_store_method_1; + } + default: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -4223,7 +4263,7 @@ + goto s_n_llhttp__internal__n_start_req_33; + } + default: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -4248,7 +4288,7 @@ + return s_n_llhttp__internal__n_start_req_37; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -4273,7 +4313,7 @@ + return s_n_llhttp__internal__n_start_req_38; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -4294,7 +4334,7 @@ + goto s_n_llhttp__internal__n_start_req_38; + } + default: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -4311,7 +4351,7 @@ + goto s_n_llhttp__internal__n_start_req_36; + } + default: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -4336,7 +4376,7 @@ + return s_n_llhttp__internal__n_start_req_40; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -4361,7 +4401,7 @@ + return s_n_llhttp__internal__n_start_req_41; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -4386,7 +4426,7 @@ + return s_n_llhttp__internal__n_start_req_42; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -4411,7 +4451,7 @@ + goto s_n_llhttp__internal__n_start_req_42; + } + default: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -4436,7 +4476,7 @@ + return s_n_llhttp__internal__n_start_req_43; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -4461,7 +4501,7 @@ + return s_n_llhttp__internal__n_start_req_46; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -4486,7 +4526,7 @@ + return s_n_llhttp__internal__n_start_req_48; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -4511,7 +4551,7 @@ + return s_n_llhttp__internal__n_start_req_49; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -4532,7 +4572,7 @@ + goto s_n_llhttp__internal__n_start_req_49; + } + default: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -4557,7 +4597,7 @@ + return s_n_llhttp__internal__n_start_req_50; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -4582,7 +4622,7 @@ + goto s_n_llhttp__internal__n_start_req_50; + } + default: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -4599,7 +4639,7 @@ + goto s_n_llhttp__internal__n_start_req_45; + } + default: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -4672,7 +4712,7 @@ + goto s_n_llhttp__internal__n_start_req_44; + } + default: { +- goto s_n_llhttp__internal__n_error_55; ++ goto s_n_llhttp__internal__n_error_58; + } + } + /* UNREACHABLE */; +@@ -4689,7 +4729,7 @@ + goto s_n_llhttp__internal__n_header_field_start; + } + default: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -4764,7 +4804,7 @@ + goto s_n_llhttp__internal__n_res_status_start; + } + default: { +- goto s_n_llhttp__internal__n_error_49; ++ goto s_n_llhttp__internal__n_error_52; + } + } + /* UNREACHABLE */; +@@ -4844,7 +4884,7 @@ + goto s_n_llhttp__internal__n_invoke_update_status_code; + } + default: { +- goto s_n_llhttp__internal__n_error_50; ++ goto s_n_llhttp__internal__n_error_53; + } + } + /* UNREACHABLE */; +@@ -4907,7 +4947,7 @@ + goto s_n_llhttp__internal__n_invoke_store_http_minor_1; + } + default: { +- goto s_n_llhttp__internal__n_error_51; ++ goto s_n_llhttp__internal__n_error_54; + } + } + /* UNREACHABLE */; +@@ -4924,7 +4964,7 @@ + goto s_n_llhttp__internal__n_res_http_minor; + } + default: { +- goto s_n_llhttp__internal__n_error_52; ++ goto s_n_llhttp__internal__n_error_55; + } + } + /* UNREACHABLE */; +@@ -4987,7 +5027,7 @@ + goto s_n_llhttp__internal__n_invoke_store_http_major_1; + } + default: { +- goto s_n_llhttp__internal__n_error_53; ++ goto s_n_llhttp__internal__n_error_56; + } + } + /* UNREACHABLE */; +@@ -5011,7 +5051,7 @@ + return s_n_llhttp__internal__n_start_res; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_56; ++ goto s_n_llhttp__internal__n_error_59; + } + } + /* UNREACHABLE */; +@@ -5036,7 +5076,7 @@ + return s_n_llhttp__internal__n_req_or_res_method_2; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_54; ++ goto s_n_llhttp__internal__n_error_57; + } + } + /* UNREACHABLE */; +@@ -5060,7 +5100,7 @@ + return s_n_llhttp__internal__n_req_or_res_method_3; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_54; ++ goto s_n_llhttp__internal__n_error_57; + } + } + /* UNREACHABLE */; +@@ -5081,7 +5121,7 @@ + goto s_n_llhttp__internal__n_req_or_res_method_3; + } + default: { +- goto s_n_llhttp__internal__n_error_54; ++ goto s_n_llhttp__internal__n_error_57; + } + } + /* UNREACHABLE */; +@@ -5098,7 +5138,7 @@ + goto s_n_llhttp__internal__n_req_or_res_method_1; + } + default: { +- goto s_n_llhttp__internal__n_error_54; ++ goto s_n_llhttp__internal__n_error_57; + } + } + /* UNREACHABLE */; +@@ -5167,7 +5207,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_42: { ++ s_n_llhttp__internal__n_error_45: { + state->error = 0x7; + state->reason = "Invalid characters in url"; + state->error_pos = (const char*) p; +@@ -5655,7 +5695,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_21: { ++ s_n_llhttp__internal__n_error_22: { + state->error = 0xb; + state->reason = "Empty Content-Length"; + state->error_pos = (const char*) p; +@@ -5740,14 +5780,33 @@ + s_n_llhttp__internal__n_invoke_load_header_state: { + switch (llhttp__internal__c_load_header_state(state, p, endp)) { + case 2: +- goto s_n_llhttp__internal__n_error_21; ++ goto s_n_llhttp__internal__n_error_22; + default: + goto s_n_llhttp__internal__n_invoke_load_header_state_1; + } + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_22: { ++ s_n_llhttp__internal__n_error_21: { ++ state->error = 0xa; ++ state->reason = "Invalid header value char"; ++ state->error_pos = (const char*) p; ++ state->_current = (void*) (intptr_t) s_error; ++ return s_error; ++ /* UNREACHABLE */; ++ abort(); ++ } ++ s_n_llhttp__internal__n_invoke_test_flags_5: { ++ switch (llhttp__internal__c_test_flags_2(state, p, endp)) { ++ case 1: ++ goto s_n_llhttp__internal__n_header_value_discard_lws; ++ default: ++ goto s_n_llhttp__internal__n_error_21; ++ } ++ /* UNREACHABLE */; ++ abort(); ++ } ++ s_n_llhttp__internal__n_error_23: { + state->error = 0x2; + state->reason = "Expected LF after CR"; + state->error_pos = (const char*) p; +@@ -5757,6 +5816,24 @@ + abort(); + } + s_n_llhttp__internal__n_invoke_update_header_state_1: { ++ switch (llhttp__internal__c_update_header_state_1(state, p, endp)) { ++ default: ++ goto s_n_llhttp__internal__n_span_start_llhttp__on_header_value_1; ++ } ++ /* UNREACHABLE */; ++ abort(); ++ } ++ s_n_llhttp__internal__n_invoke_load_header_state_3: { ++ switch (llhttp__internal__c_load_header_state(state, p, endp)) { ++ case 8: ++ goto s_n_llhttp__internal__n_invoke_update_header_state_1; ++ default: ++ goto s_n_llhttp__internal__n_span_start_llhttp__on_header_value_1; ++ } ++ /* UNREACHABLE */; ++ abort(); ++ } ++ s_n_llhttp__internal__n_invoke_update_header_state_2: { + switch (llhttp__internal__c_update_header_state(state, p, endp)) { + default: + goto s_n_llhttp__internal__n_header_field_start; +@@ -5767,7 +5844,7 @@ + s_n_llhttp__internal__n_invoke_or_flags_7: { + switch (llhttp__internal__c_or_flags_3(state, p, endp)) { + default: +- goto s_n_llhttp__internal__n_invoke_update_header_state_1; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_2; + } + /* UNREACHABLE */; + abort(); +@@ -5775,7 +5852,7 @@ + s_n_llhttp__internal__n_invoke_or_flags_8: { + switch (llhttp__internal__c_or_flags_4(state, p, endp)) { + default: +- goto s_n_llhttp__internal__n_invoke_update_header_state_1; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_2; + } + /* UNREACHABLE */; + abort(); +@@ -5783,7 +5860,7 @@ + s_n_llhttp__internal__n_invoke_or_flags_9: { + switch (llhttp__internal__c_or_flags_5(state, p, endp)) { + default: +- goto s_n_llhttp__internal__n_invoke_update_header_state_1; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_2; + } + /* UNREACHABLE */; + abort(); +@@ -5796,7 +5873,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_invoke_load_header_state_3: { ++ s_n_llhttp__internal__n_invoke_load_header_state_4: { + switch (llhttp__internal__c_load_header_state(state, p, endp)) { + case 5: + goto s_n_llhttp__internal__n_invoke_or_flags_7; +@@ -5812,7 +5889,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_23: { ++ s_n_llhttp__internal__n_error_24: { + state->error = 0x3; + state->reason = "Missing expected LF after header value"; + state->error_pos = (const char*) p; +@@ -5830,6 +5907,24 @@ + err = llhttp__on_header_value(state, start, p); + if (err != 0) { + state->error = err; ++ state->error_pos = (const char*) (p + 1); ++ state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_header_value_almost_done; ++ return s_error; ++ } ++ p++; ++ goto s_n_llhttp__internal__n_header_value_almost_done; ++ /* UNREACHABLE */; ++ abort(); ++ } ++ s_n_llhttp__internal__n_span_end_llhttp__on_header_value_3: { ++ const unsigned char* start; ++ int err; ++ ++ start = state->_span_pos0; ++ state->_span_pos0 = NULL; ++ err = llhttp__on_header_value(state, start, p); ++ if (err != 0) { ++ state->error = err; + state->error_pos = (const char*) p; + state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_header_value_almost_done; + return s_error; +@@ -5838,7 +5933,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_span_end_llhttp__on_header_value_2: { ++ s_n_llhttp__internal__n_span_end_llhttp__on_header_value_4: { + const unsigned char* start; + int err; + +@@ -5856,7 +5951,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_span_end_llhttp__on_header_value_3: { ++ s_n_llhttp__internal__n_span_end_llhttp__on_header_value_2: { + const unsigned char* start; + int err; + +@@ -5865,35 +5960,25 @@ + err = llhttp__on_header_value(state, start, p); + if (err != 0) { + state->error = err; +- state->error_pos = (const char*) (p + 1); +- state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_header_value_almost_done; ++ state->error_pos = (const char*) p; ++ state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_25; + return s_error; + } +- p++; +- goto s_n_llhttp__internal__n_header_value_almost_done; +- /* UNREACHABLE */; +- abort(); +- } +- s_n_llhttp__internal__n_error_24: { +- state->error = 0xa; +- state->reason = "Invalid header value char"; +- state->error_pos = (const char*) p; +- state->_current = (void*) (intptr_t) s_error; +- return s_error; ++ goto s_n_llhttp__internal__n_error_25; + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_invoke_test_flags_5: { ++ s_n_llhttp__internal__n_invoke_test_flags_6: { + switch (llhttp__internal__c_test_flags_2(state, p, endp)) { + case 1: + goto s_n_llhttp__internal__n_header_value_lenient; + default: +- goto s_n_llhttp__internal__n_error_24; ++ goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_2; + } + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_invoke_update_header_state_3: { ++ s_n_llhttp__internal__n_invoke_update_header_state_4: { + switch (llhttp__internal__c_update_header_state(state, p, endp)) { + default: + goto s_n_llhttp__internal__n_header_value_connection; +@@ -5904,7 +5989,7 @@ + s_n_llhttp__internal__n_invoke_or_flags_11: { + switch (llhttp__internal__c_or_flags_3(state, p, endp)) { + default: +- goto s_n_llhttp__internal__n_invoke_update_header_state_3; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_4; + } + /* UNREACHABLE */; + abort(); +@@ -5912,7 +5997,7 @@ + s_n_llhttp__internal__n_invoke_or_flags_12: { + switch (llhttp__internal__c_or_flags_4(state, p, endp)) { + default: +- goto s_n_llhttp__internal__n_invoke_update_header_state_3; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_4; + } + /* UNREACHABLE */; + abort(); +@@ -5920,7 +6005,7 @@ + s_n_llhttp__internal__n_invoke_or_flags_13: { + switch (llhttp__internal__c_or_flags_5(state, p, endp)) { + default: +- goto s_n_llhttp__internal__n_invoke_update_header_state_3; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_4; + } + /* UNREACHABLE */; + abort(); +@@ -5933,7 +6018,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_invoke_load_header_state_4: { ++ s_n_llhttp__internal__n_invoke_load_header_state_5: { + switch (llhttp__internal__c_load_header_state(state, p, endp)) { + case 5: + goto s_n_llhttp__internal__n_invoke_or_flags_11; +@@ -5949,39 +6034,39 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_invoke_update_header_state_4: { +- switch (llhttp__internal__c_update_header_state_4(state, p, endp)) { ++ s_n_llhttp__internal__n_invoke_update_header_state_5: { ++ switch (llhttp__internal__c_update_header_state_1(state, p, endp)) { + default: + goto s_n_llhttp__internal__n_header_value_connection_token; + } + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_invoke_update_header_state_2: { +- switch (llhttp__internal__c_update_header_state_2(state, p, endp)) { ++ s_n_llhttp__internal__n_invoke_update_header_state_3: { ++ switch (llhttp__internal__c_update_header_state_3(state, p, endp)) { + default: + goto s_n_llhttp__internal__n_header_value_connection_ws; + } + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_invoke_update_header_state_5: { +- switch (llhttp__internal__c_update_header_state_5(state, p, endp)) { ++ s_n_llhttp__internal__n_invoke_update_header_state_6: { ++ switch (llhttp__internal__c_update_header_state_6(state, p, endp)) { + default: + goto s_n_llhttp__internal__n_header_value_connection_ws; + } + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_invoke_update_header_state_6: { +- switch (llhttp__internal__c_update_header_state_6(state, p, endp)) { ++ s_n_llhttp__internal__n_invoke_update_header_state_7: { ++ switch (llhttp__internal__c_update_header_state_7(state, p, endp)) { + default: + goto s_n_llhttp__internal__n_header_value_connection_ws; + } + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_span_end_llhttp__on_header_value_4: { ++ s_n_llhttp__internal__n_span_end_llhttp__on_header_value_5: { + const unsigned char* start; + int err; + +@@ -5991,17 +6076,17 @@ + if (err != 0) { + state->error = err; + state->error_pos = (const char*) p; +- state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_26; ++ state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_27; + return s_error; + } +- goto s_n_llhttp__internal__n_error_26; ++ goto s_n_llhttp__internal__n_error_27; + /* UNREACHABLE */; + abort(); + } + s_n_llhttp__internal__n_invoke_mul_add_content_length_1: { + switch (llhttp__internal__c_mul_add_content_length_1(state, p, endp, match)) { + case 1: +- goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_4; ++ goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_5; + default: + goto s_n_llhttp__internal__n_header_value_content_length; + } +@@ -6016,7 +6101,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_span_end_llhttp__on_header_value_5: { ++ s_n_llhttp__internal__n_span_end_llhttp__on_header_value_6: { + const unsigned char* start; + int err; + +@@ -6026,14 +6111,14 @@ + if (err != 0) { + state->error = err; + state->error_pos = (const char*) p; +- state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_27; ++ state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_28; + return s_error; + } +- goto s_n_llhttp__internal__n_error_27; ++ goto s_n_llhttp__internal__n_error_28; + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_25: { ++ s_n_llhttp__internal__n_error_26: { + state->error = 0x4; + state->reason = "Duplicate Content-Length"; + state->error_pos = (const char*) p; +@@ -6042,26 +6127,82 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_invoke_test_flags_6: { +- switch (llhttp__internal__c_test_flags_6(state, p, endp)) { ++ s_n_llhttp__internal__n_invoke_test_flags_7: { ++ switch (llhttp__internal__c_test_flags_7(state, p, endp)) { + case 0: + goto s_n_llhttp__internal__n_header_value_content_length; + default: +- goto s_n_llhttp__internal__n_error_25; ++ goto s_n_llhttp__internal__n_error_26; + } + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_invoke_update_header_state_7: { +- switch (llhttp__internal__c_update_header_state_7(state, p, endp)) { ++ s_n_llhttp__internal__n_span_end_llhttp__on_header_value_8: { ++ const unsigned char* start; ++ int err; ++ ++ start = state->_span_pos0; ++ state->_span_pos0 = NULL; ++ err = llhttp__on_header_value(state, start, p); ++ if (err != 0) { ++ state->error = err; ++ state->error_pos = (const char*) (p + 1); ++ state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_30; ++ return s_error; ++ } ++ p++; ++ goto s_n_llhttp__internal__n_error_30; ++ /* UNREACHABLE */; ++ abort(); ++ } ++ s_n_llhttp__internal__n_invoke_update_header_state_8: { ++ switch (llhttp__internal__c_update_header_state_8(state, p, endp)) { + default: + goto s_n_llhttp__internal__n_header_value_otherwise; + } + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_invoke_update_header_state_8: { +- switch (llhttp__internal__c_update_header_state_4(state, p, endp)) { ++ s_n_llhttp__internal__n_span_end_llhttp__on_header_value_7: { ++ const unsigned char* start; ++ int err; ++ ++ start = state->_span_pos0; ++ state->_span_pos0 = NULL; ++ err = llhttp__on_header_value(state, start, p); ++ if (err != 0) { ++ state->error = err; ++ state->error_pos = (const char*) (p + 1); ++ state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_29; ++ return s_error; ++ } ++ p++; ++ goto s_n_llhttp__internal__n_error_29; ++ /* UNREACHABLE */; ++ abort(); ++ } ++ s_n_llhttp__internal__n_invoke_test_flags_9: { ++ switch (llhttp__internal__c_test_flags_2(state, p, endp)) { ++ case 0: ++ goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_7; ++ default: ++ goto s_n_llhttp__internal__n_header_value_te_chunked; ++ } ++ /* UNREACHABLE */; ++ abort(); ++ } ++ s_n_llhttp__internal__n_invoke_load_type_1: { ++ switch (llhttp__internal__c_load_type(state, p, endp)) { ++ case 1: ++ goto s_n_llhttp__internal__n_invoke_test_flags_9; ++ default: ++ goto s_n_llhttp__internal__n_header_value_te_chunked; ++ } ++ /* UNREACHABLE */; ++ abort(); ++ } ++ s_n_llhttp__internal__n_invoke_update_header_state_9: { ++ switch (llhttp__internal__c_update_header_state_1(state, p, endp)) { + default: + goto s_n_llhttp__internal__n_header_value; + } +@@ -6076,6 +6217,34 @@ + /* UNREACHABLE */; + abort(); + } ++ s_n_llhttp__internal__n_invoke_or_flags_17: { ++ switch (llhttp__internal__c_or_flags_16(state, p, endp)) { ++ default: ++ goto s_n_llhttp__internal__n_invoke_and_flags; ++ } ++ /* UNREACHABLE */; ++ abort(); ++ } ++ s_n_llhttp__internal__n_invoke_test_flags_10: { ++ switch (llhttp__internal__c_test_flags_2(state, p, endp)) { ++ case 0: ++ goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_8; ++ default: ++ goto s_n_llhttp__internal__n_invoke_or_flags_17; ++ } ++ /* UNREACHABLE */; ++ abort(); ++ } ++ s_n_llhttp__internal__n_invoke_load_type_2: { ++ switch (llhttp__internal__c_load_type(state, p, endp)) { ++ case 1: ++ goto s_n_llhttp__internal__n_invoke_test_flags_10; ++ default: ++ goto s_n_llhttp__internal__n_invoke_or_flags_17; ++ } ++ /* UNREACHABLE */; ++ abort(); ++ } + s_n_llhttp__internal__n_invoke_or_flags_16: { + switch (llhttp__internal__c_or_flags_16(state, p, endp)) { + default: +@@ -6084,10 +6253,20 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_invoke_or_flags_17: { +- switch (llhttp__internal__c_or_flags_17(state, p, endp)) { ++ s_n_llhttp__internal__n_invoke_test_flags_8: { ++ switch (llhttp__internal__c_test_flags_8(state, p, endp)) { ++ case 1: ++ goto s_n_llhttp__internal__n_invoke_load_type_2; + default: +- goto s_n_llhttp__internal__n_invoke_update_header_state_8; ++ goto s_n_llhttp__internal__n_invoke_or_flags_16; ++ } ++ /* UNREACHABLE */; ++ abort(); ++ } ++ s_n_llhttp__internal__n_invoke_or_flags_18: { ++ switch (llhttp__internal__c_or_flags_18(state, p, endp)) { ++ default: ++ goto s_n_llhttp__internal__n_invoke_update_header_state_9; + } + /* UNREACHABLE */; + abort(); +@@ -6097,11 +6276,11 @@ + case 1: + goto s_n_llhttp__internal__n_header_value_connection; + case 2: +- goto s_n_llhttp__internal__n_invoke_test_flags_6; ++ goto s_n_llhttp__internal__n_invoke_test_flags_7; + case 3: +- goto s_n_llhttp__internal__n_invoke_or_flags_16; ++ goto s_n_llhttp__internal__n_invoke_test_flags_8; + case 4: +- goto s_n_llhttp__internal__n_invoke_or_flags_17; ++ goto s_n_llhttp__internal__n_invoke_or_flags_18; + default: + goto s_n_llhttp__internal__n_header_value; + } +@@ -6144,7 +6323,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_28: { ++ s_n_llhttp__internal__n_error_31: { + state->error = 0xa; + state->reason = "Invalid header token"; + state->error_pos = (const char*) p; +@@ -6153,8 +6332,8 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_invoke_update_header_state_9: { +- switch (llhttp__internal__c_update_header_state_4(state, p, endp)) { ++ s_n_llhttp__internal__n_invoke_update_header_state_10: { ++ switch (llhttp__internal__c_update_header_state_1(state, p, endp)) { + default: + goto s_n_llhttp__internal__n_header_field_general; + } +@@ -6169,8 +6348,8 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_invoke_update_header_state_10: { +- switch (llhttp__internal__c_update_header_state_4(state, p, endp)) { ++ s_n_llhttp__internal__n_invoke_update_header_state_11: { ++ switch (llhttp__internal__c_update_header_state_1(state, p, endp)) { + default: + goto s_n_llhttp__internal__n_header_field_general; + } +@@ -6210,7 +6389,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_29: { ++ s_n_llhttp__internal__n_error_32: { + state->error = 0x7; + state->reason = "Expected CRLF"; + state->error_pos = (const char*) p; +@@ -6236,7 +6415,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_30: { ++ s_n_llhttp__internal__n_error_33: { + state->error = 0x9; + state->reason = "Expected CRLF after version"; + state->error_pos = (const char*) p; +@@ -6253,7 +6432,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_31: { ++ s_n_llhttp__internal__n_error_34: { + state->error = 0x9; + state->reason = "Invalid minor version"; + state->error_pos = (const char*) p; +@@ -6262,7 +6441,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_32: { ++ s_n_llhttp__internal__n_error_35: { + state->error = 0x9; + state->reason = "Expected dot"; + state->error_pos = (const char*) p; +@@ -6279,7 +6458,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_33: { ++ s_n_llhttp__internal__n_error_36: { + state->error = 0x9; + state->reason = "Invalid major version"; + state->error_pos = (const char*) p; +@@ -6288,7 +6467,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_35: { ++ s_n_llhttp__internal__n_error_38: { + state->error = 0x8; + state->reason = "Expected HTTP/"; + state->error_pos = (const char*) p; +@@ -6297,7 +6476,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_34: { ++ s_n_llhttp__internal__n_error_37: { + state->error = 0x8; + state->reason = "Expected SOURCE method for ICE/x.x request"; + state->error_pos = (const char*) p; +@@ -6309,7 +6488,7 @@ + s_n_llhttp__internal__n_invoke_is_equal_method_1: { + switch (llhttp__internal__c_is_equal_method_1(state, p, endp)) { + case 0: +- goto s_n_llhttp__internal__n_error_34; ++ goto s_n_llhttp__internal__n_error_37; + default: + goto s_n_llhttp__internal__n_req_http_major; + } +@@ -6384,7 +6563,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_36: { ++ s_n_llhttp__internal__n_error_39: { + state->error = 0x7; + state->reason = "Invalid char in url fragment start"; + state->error_pos = (const char*) p; +@@ -6444,7 +6623,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_37: { ++ s_n_llhttp__internal__n_error_40: { + state->error = 0x7; + state->reason = "Invalid char in url query"; + state->error_pos = (const char*) p; +@@ -6453,7 +6632,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_38: { ++ s_n_llhttp__internal__n_error_41: { + state->error = 0x7; + state->reason = "Invalid char in url path"; + state->error_pos = (const char*) p; +@@ -6564,7 +6743,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_39: { ++ s_n_llhttp__internal__n_error_42: { + state->error = 0x7; + state->reason = "Double @ in url"; + state->error_pos = (const char*) p; +@@ -6573,7 +6752,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_40: { ++ s_n_llhttp__internal__n_error_43: { + state->error = 0x7; + state->reason = "Unexpected char in url server"; + state->error_pos = (const char*) p; +@@ -6582,7 +6761,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_41: { ++ s_n_llhttp__internal__n_error_44: { + state->error = 0x7; + state->reason = "Unexpected char in url server"; + state->error_pos = (const char*) p; +@@ -6591,7 +6770,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_43: { ++ s_n_llhttp__internal__n_error_46: { + state->error = 0x7; + state->reason = "Unexpected char in url schema"; + state->error_pos = (const char*) p; +@@ -6600,7 +6779,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_44: { ++ s_n_llhttp__internal__n_error_47: { + state->error = 0x7; + state->reason = "Unexpected char in url schema"; + state->error_pos = (const char*) p; +@@ -6609,7 +6788,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_45: { ++ s_n_llhttp__internal__n_error_48: { + state->error = 0x7; + state->reason = "Unexpected start char in url"; + state->error_pos = (const char*) p; +@@ -6628,7 +6807,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_46: { ++ s_n_llhttp__internal__n_error_49: { + state->error = 0x6; + state->reason = "Expected space after method"; + state->error_pos = (const char*) p; +@@ -6645,7 +6824,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_55: { ++ s_n_llhttp__internal__n_error_58: { + state->error = 0x6; + state->reason = "Invalid method encountered"; + state->error_pos = (const char*) p; +@@ -6654,7 +6833,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_47: { ++ s_n_llhttp__internal__n_error_50: { + state->error = 0xd; + state->reason = "Response overflow"; + state->error_pos = (const char*) p; +@@ -6666,14 +6845,14 @@ + s_n_llhttp__internal__n_invoke_mul_add_status_code: { + switch (llhttp__internal__c_mul_add_status_code(state, p, endp, match)) { + case 1: +- goto s_n_llhttp__internal__n_error_47; ++ goto s_n_llhttp__internal__n_error_50; + default: + goto s_n_llhttp__internal__n_res_status_code; + } + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_48: { ++ s_n_llhttp__internal__n_error_51: { + state->error = 0x2; + state->reason = "Expected LF after CR"; + state->error_pos = (const char*) p; +@@ -6718,7 +6897,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_49: { ++ s_n_llhttp__internal__n_error_52: { + state->error = 0xd; + state->reason = "Invalid response status"; + state->error_pos = (const char*) p; +@@ -6735,7 +6914,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_50: { ++ s_n_llhttp__internal__n_error_53: { + state->error = 0x9; + state->reason = "Expected space after version"; + state->error_pos = (const char*) p; +@@ -6752,7 +6931,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_51: { ++ s_n_llhttp__internal__n_error_54: { + state->error = 0x9; + state->reason = "Invalid minor version"; + state->error_pos = (const char*) p; +@@ -6761,7 +6940,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_52: { ++ s_n_llhttp__internal__n_error_55: { + state->error = 0x9; + state->reason = "Expected dot"; + state->error_pos = (const char*) p; +@@ -6778,7 +6957,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_53: { ++ s_n_llhttp__internal__n_error_56: { + state->error = 0x9; + state->reason = "Invalid major version"; + state->error_pos = (const char*) p; +@@ -6787,7 +6966,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_56: { ++ s_n_llhttp__internal__n_error_59: { + state->error = 0x8; + state->reason = "Expected HTTP/"; + state->error_pos = (const char*) p; +@@ -6812,7 +6991,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_54: { ++ s_n_llhttp__internal__n_error_57: { + state->error = 0x8; + state->reason = "Invalid word encountered"; + state->error_pos = (const char*) p; +@@ -7244,6 +7423,7 @@ + s_n_llhttp__internal__n_header_value_lws, + s_n_llhttp__internal__n_header_value_almost_done, + s_n_llhttp__internal__n_header_value_lenient, ++ s_n_llhttp__internal__n_error_19, + s_n_llhttp__internal__n_header_value_otherwise, + s_n_llhttp__internal__n_header_value_connection_token, + s_n_llhttp__internal__n_header_value_connection_ws, +@@ -7251,14 +7431,16 @@ + s_n_llhttp__internal__n_header_value_connection_2, + s_n_llhttp__internal__n_header_value_connection_3, + s_n_llhttp__internal__n_header_value_connection, +- s_n_llhttp__internal__n_error_20, + s_n_llhttp__internal__n_error_21, ++ s_n_llhttp__internal__n_error_22, + s_n_llhttp__internal__n_header_value_content_length_ws, + s_n_llhttp__internal__n_header_value_content_length, +- s_n_llhttp__internal__n_header_value_te_chunked_last, ++ s_n_llhttp__internal__n_error_24, ++ s_n_llhttp__internal__n_error_23, + s_n_llhttp__internal__n_header_value_te_token_ows, + s_n_llhttp__internal__n_header_value, + s_n_llhttp__internal__n_header_value_te_token, ++ s_n_llhttp__internal__n_header_value_te_chunked_last, + s_n_llhttp__internal__n_header_value_te_chunked, + s_n_llhttp__internal__n_span_start_llhttp__on_header_value_1, + s_n_llhttp__internal__n_header_value_discard_ws, +@@ -7648,7 +7830,7 @@ + return 0; + } + +-int llhttp__internal__c_update_header_state_2( ++int llhttp__internal__c_update_header_state_3( + llhttp__internal_t* state, + const unsigned char* p, + const unsigned char* endp) { +@@ -7656,7 +7838,7 @@ + return 0; + } + +-int llhttp__internal__c_update_header_state_4( ++int llhttp__internal__c_update_header_state_1( + llhttp__internal_t* state, + const unsigned char* p, + const unsigned char* endp) { +@@ -7664,7 +7846,7 @@ + return 0; + } + +-int llhttp__internal__c_update_header_state_5( ++int llhttp__internal__c_update_header_state_6( + llhttp__internal_t* state, + const unsigned char* p, + const unsigned char* endp) { +@@ -7672,7 +7854,7 @@ + return 0; + } + +-int llhttp__internal__c_update_header_state_6( ++int llhttp__internal__c_update_header_state_7( + llhttp__internal_t* state, + const unsigned char* p, + const unsigned char* endp) { +@@ -7680,7 +7862,7 @@ + return 0; + } + +-int llhttp__internal__c_test_flags_6( ++int llhttp__internal__c_test_flags_7( + llhttp__internal_t* state, + const unsigned char* p, + const unsigned char* endp) { +@@ -7721,6 +7903,13 @@ + return 0; + } + ++int llhttp__internal__c_test_flags_8( ++ llhttp__internal_t* state, ++ const unsigned char* p, ++ const unsigned char* endp) { ++ return (state->flags & 8) == 8; ++} ++ + int llhttp__internal__c_or_flags_16( + llhttp__internal_t* state, + const unsigned char* p, +@@ -7737,7 +7926,7 @@ + return 0; + } + +-int llhttp__internal__c_update_header_state_7( ++int llhttp__internal__c_update_header_state_8( + llhttp__internal_t* state, + const unsigned char* p, + const unsigned char* endp) { +@@ -7745,7 +7934,7 @@ + return 0; + } + +-int llhttp__internal__c_or_flags_17( ++int llhttp__internal__c_or_flags_18( + llhttp__internal_t* state, + const unsigned char* p, + const unsigned char* endp) { +@@ -8432,13 +8621,13 @@ + } + switch (*p) { + case 9: { +- goto s_n_llhttp__internal__n_span_start_llhttp__on_header_value_1; ++ goto s_n_llhttp__internal__n_invoke_load_header_state_3; + } + case ' ': { +- goto s_n_llhttp__internal__n_span_start_llhttp__on_header_value_1; ++ goto s_n_llhttp__internal__n_invoke_load_header_state_3; + } + default: { +- goto s_n_llhttp__internal__n_invoke_load_header_state_3; ++ goto s_n_llhttp__internal__n_invoke_load_header_state_4; + } + } + /* UNREACHABLE */; +@@ -8455,7 +8644,7 @@ + goto s_n_llhttp__internal__n_header_value_lws; + } + default: { +- goto s_n_llhttp__internal__n_error_17; ++ goto s_n_llhttp__internal__n_error_18; + } + } + /* UNREACHABLE */; +@@ -8468,10 +8657,10 @@ + } + switch (*p) { + case 10: { +- goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_1; ++ goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_3; + } + case 13: { +- goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_3; ++ goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_4; + } + default: { + p++; +@@ -8481,20 +8670,27 @@ + /* UNREACHABLE */; + abort(); + } ++ case s_n_llhttp__internal__n_error_19: ++ s_n_llhttp__internal__n_error_19: { ++ state->error = 0xa; ++ state->reason = "Invalid header value char"; ++ state->error_pos = (const char*) p; ++ state->_current = (void*) (intptr_t) s_error; ++ return s_error; ++ /* UNREACHABLE */; ++ abort(); ++ } + case s_n_llhttp__internal__n_header_value_otherwise: + s_n_llhttp__internal__n_header_value_otherwise: { + if (p == endp) { + return s_n_llhttp__internal__n_header_value_otherwise; + } + switch (*p) { +- case 10: { +- goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_1; +- } + case 13: { +- goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_2; ++ goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_1; + } + default: { +- goto s_n_llhttp__internal__n_invoke_test_flags_5; ++ goto s_n_llhttp__internal__n_invoke_test_flags_6; + } + } + /* UNREACHABLE */; +@@ -8557,10 +8753,10 @@ + } + case ',': { + p++; +- goto s_n_llhttp__internal__n_invoke_load_header_state_4; ++ goto s_n_llhttp__internal__n_invoke_load_header_state_5; + } + default: { +- goto s_n_llhttp__internal__n_invoke_update_header_state_4; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_5; + } + } + /* UNREACHABLE */; +@@ -8578,7 +8774,7 @@ + switch (match_seq.status) { + case kMatchComplete: { + p++; +- goto s_n_llhttp__internal__n_invoke_update_header_state_2; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_3; + } + case kMatchPause: { + return s_n_llhttp__internal__n_header_value_connection_1; +@@ -8602,7 +8798,7 @@ + switch (match_seq.status) { + case kMatchComplete: { + p++; +- goto s_n_llhttp__internal__n_invoke_update_header_state_5; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_6; + } + case kMatchPause: { + return s_n_llhttp__internal__n_header_value_connection_2; +@@ -8626,7 +8822,7 @@ + switch (match_seq.status) { + case kMatchComplete: { + p++; +- goto s_n_llhttp__internal__n_invoke_update_header_state_6; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_7; + } + case kMatchPause: { + return s_n_llhttp__internal__n_header_value_connection_3; +@@ -8671,8 +8867,8 @@ + /* UNREACHABLE */; + abort(); + } +- case s_n_llhttp__internal__n_error_20: +- s_n_llhttp__internal__n_error_20: { ++ case s_n_llhttp__internal__n_error_21: ++ s_n_llhttp__internal__n_error_21: { + state->error = 0xb; + state->reason = "Content-Length overflow"; + state->error_pos = (const char*) p; +@@ -8681,8 +8877,8 @@ + /* UNREACHABLE */; + abort(); + } +- case s_n_llhttp__internal__n_error_21: +- s_n_llhttp__internal__n_error_21: { ++ case s_n_llhttp__internal__n_error_22: ++ s_n_llhttp__internal__n_error_22: { + state->error = 0xb; + state->reason = "Invalid character in Content-Length"; + state->error_pos = (const char*) p; +@@ -8708,7 +8904,7 @@ + goto s_n_llhttp__internal__n_header_value_content_length_ws; + } + default: { +- goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_5; ++ goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_6; + } + } + /* UNREACHABLE */; +@@ -8777,26 +8973,23 @@ + /* UNREACHABLE */; + abort(); + } +- case s_n_llhttp__internal__n_header_value_te_chunked_last: +- s_n_llhttp__internal__n_header_value_te_chunked_last: { +- if (p == endp) { +- return s_n_llhttp__internal__n_header_value_te_chunked_last; +- } +- switch (*p) { +- case 10: { +- goto s_n_llhttp__internal__n_invoke_update_header_state_7; +- } +- case 13: { +- goto s_n_llhttp__internal__n_invoke_update_header_state_7; +- } +- case ' ': { +- p++; +- goto s_n_llhttp__internal__n_header_value_te_chunked_last; +- } +- default: { +- goto s_n_llhttp__internal__n_header_value_te_chunked; +- } +- } ++ case s_n_llhttp__internal__n_error_24: ++ s_n_llhttp__internal__n_error_24: { ++ state->error = 0xf; ++ state->reason = "Invalid `Transfer-Encoding` header value"; ++ state->error_pos = (const char*) p; ++ state->_current = (void*) (intptr_t) s_error; ++ return s_error; ++ /* UNREACHABLE */; ++ abort(); ++ } ++ case s_n_llhttp__internal__n_error_23: ++ s_n_llhttp__internal__n_error_23: { ++ state->error = 0xf; ++ state->reason = "Invalid `Transfer-Encoding` header value"; ++ state->error_pos = (const char*) p; ++ state->_current = (void*) (intptr_t) s_error; ++ return s_error; + /* UNREACHABLE */; + abort(); + } +@@ -8913,8 +9106,34 @@ + goto s_n_llhttp__internal__n_header_value_te_token_ows; + } + default: { ++ goto s_n_llhttp__internal__n_invoke_update_header_state_9; ++ } ++ } ++ /* UNREACHABLE */; ++ abort(); ++ } ++ case s_n_llhttp__internal__n_header_value_te_chunked_last: ++ s_n_llhttp__internal__n_header_value_te_chunked_last: { ++ if (p == endp) { ++ return s_n_llhttp__internal__n_header_value_te_chunked_last; ++ } ++ switch (*p) { ++ case 10: { + goto s_n_llhttp__internal__n_invoke_update_header_state_8; + } ++ case 13: { ++ goto s_n_llhttp__internal__n_invoke_update_header_state_8; ++ } ++ case ' ': { ++ p++; ++ goto s_n_llhttp__internal__n_header_value_te_chunked_last; ++ } ++ case ',': { ++ goto s_n_llhttp__internal__n_invoke_load_type_1; ++ } ++ default: { ++ goto s_n_llhttp__internal__n_header_value_te_token; ++ } + } + /* UNREACHABLE */; + abort(); +@@ -8966,7 +9185,7 @@ + } + case 10: { + p++; +- goto s_n_llhttp__internal__n_header_value_discard_lws; ++ goto s_n_llhttp__internal__n_invoke_test_flags_5; + } + case 13: { + p++; +@@ -8993,7 +9212,7 @@ + goto s_n_llhttp__internal__n_span_end_llhttp__on_header_field_2; + } + default: { +- goto s_n_llhttp__internal__n_error_22; ++ goto s_n_llhttp__internal__n_error_25; + } + } + /* UNREACHABLE */; +@@ -9083,7 +9302,7 @@ + goto s_n_llhttp__internal__n_span_end_llhttp__on_header_field_1; + } + default: { +- goto s_n_llhttp__internal__n_invoke_update_header_state_9; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_10; + } + } + /* UNREACHABLE */; +@@ -9108,7 +9327,7 @@ + return s_n_llhttp__internal__n_header_field_3; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_invoke_update_header_state_10; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_11; + } + } + /* UNREACHABLE */; +@@ -9133,7 +9352,7 @@ + return s_n_llhttp__internal__n_header_field_4; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_invoke_update_header_state_10; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_11; + } + } + /* UNREACHABLE */; +@@ -9154,7 +9373,7 @@ + goto s_n_llhttp__internal__n_header_field_4; + } + default: { +- goto s_n_llhttp__internal__n_invoke_update_header_state_10; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_11; + } + } + /* UNREACHABLE */; +@@ -9178,7 +9397,7 @@ + return s_n_llhttp__internal__n_header_field_1; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_invoke_update_header_state_10; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_11; + } + } + /* UNREACHABLE */; +@@ -9203,7 +9422,7 @@ + return s_n_llhttp__internal__n_header_field_5; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_invoke_update_header_state_10; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_11; + } + } + /* UNREACHABLE */; +@@ -9228,7 +9447,7 @@ + return s_n_llhttp__internal__n_header_field_6; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_invoke_update_header_state_10; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_11; + } + } + /* UNREACHABLE */; +@@ -9253,7 +9472,7 @@ + return s_n_llhttp__internal__n_header_field_7; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_invoke_update_header_state_10; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_11; + } + } + /* UNREACHABLE */; +@@ -9282,7 +9501,7 @@ + goto s_n_llhttp__internal__n_header_field_7; + } + default: { +- goto s_n_llhttp__internal__n_invoke_update_header_state_10; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_11; + } + } + /* UNREACHABLE */; +@@ -9347,7 +9566,7 @@ + return s_n_llhttp__internal__n_url_skip_lf_to_http09; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_23; ++ goto s_n_llhttp__internal__n_error_26; + } + } + /* UNREACHABLE */; +@@ -9364,7 +9583,7 @@ + goto s_n_llhttp__internal__n_header_field_start; + } + default: { +- goto s_n_llhttp__internal__n_error_24; ++ goto s_n_llhttp__internal__n_error_27; + } + } + /* UNREACHABLE */; +@@ -9385,7 +9604,7 @@ + goto s_n_llhttp__internal__n_req_http_end_1; + } + default: { +- goto s_n_llhttp__internal__n_error_24; ++ goto s_n_llhttp__internal__n_error_27; + } + } + /* UNREACHABLE */; +@@ -9448,7 +9667,7 @@ + goto s_n_llhttp__internal__n_invoke_store_http_minor; + } + default: { +- goto s_n_llhttp__internal__n_error_25; ++ goto s_n_llhttp__internal__n_error_28; + } + } + /* UNREACHABLE */; +@@ -9465,7 +9684,7 @@ + goto s_n_llhttp__internal__n_req_http_minor; + } + default: { +- goto s_n_llhttp__internal__n_error_26; ++ goto s_n_llhttp__internal__n_error_29; + } + } + /* UNREACHABLE */; +@@ -9528,7 +9747,7 @@ + goto s_n_llhttp__internal__n_invoke_store_http_major; + } + default: { +- goto s_n_llhttp__internal__n_error_27; ++ goto s_n_llhttp__internal__n_error_30; + } + } + /* UNREACHABLE */; +@@ -9552,7 +9771,7 @@ + return s_n_llhttp__internal__n_req_http_start_1; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_29; ++ goto s_n_llhttp__internal__n_error_32; + } + } + /* UNREACHABLE */; +@@ -9576,7 +9795,7 @@ + return s_n_llhttp__internal__n_req_http_start_2; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_29; ++ goto s_n_llhttp__internal__n_error_32; + } + } + /* UNREACHABLE */; +@@ -9601,7 +9820,7 @@ + goto s_n_llhttp__internal__n_req_http_start_2; + } + default: { +- goto s_n_llhttp__internal__n_error_29; ++ goto s_n_llhttp__internal__n_error_32; + } + } + /* UNREACHABLE */; +@@ -9655,7 +9874,7 @@ + goto s_n_llhttp__internal__n_span_end_llhttp__on_url_8; + } + default: { +- goto s_n_llhttp__internal__n_error_30; ++ goto s_n_llhttp__internal__n_error_33; + } + } + /* UNREACHABLE */; +@@ -9712,7 +9931,7 @@ + goto s_n_llhttp__internal__n_span_end_stub_query_3; + } + default: { +- goto s_n_llhttp__internal__n_error_31; ++ goto s_n_llhttp__internal__n_error_34; + } + } + /* UNREACHABLE */; +@@ -9742,7 +9961,7 @@ + goto s_n_llhttp__internal__n_url_query; + } + default: { +- goto s_n_llhttp__internal__n_error_32; ++ goto s_n_llhttp__internal__n_error_35; + } + } + /* UNREACHABLE */; +@@ -9883,10 +10102,10 @@ + } + case 7: { + p++; +- goto s_n_llhttp__internal__n_error_33; ++ goto s_n_llhttp__internal__n_error_36; + } + default: { +- goto s_n_llhttp__internal__n_error_34; ++ goto s_n_llhttp__internal__n_error_37; + } + } + /* UNREACHABLE */; +@@ -9941,7 +10160,7 @@ + goto s_n_llhttp__internal__n_url_server_with_at; + } + default: { +- goto s_n_llhttp__internal__n_error_35; ++ goto s_n_llhttp__internal__n_error_38; + } + } + /* UNREACHABLE */; +@@ -9958,7 +10177,7 @@ + goto s_n_llhttp__internal__n_url_server; + } + default: { +- goto s_n_llhttp__internal__n_error_37; ++ goto s_n_llhttp__internal__n_error_40; + } + } + /* UNREACHABLE */; +@@ -9972,22 +10191,22 @@ + switch (*p) { + case 10: { + p++; +- goto s_n_llhttp__internal__n_error_36; ++ goto s_n_llhttp__internal__n_error_39; + } + case 13: { + p++; +- goto s_n_llhttp__internal__n_error_36; ++ goto s_n_llhttp__internal__n_error_39; + } + case ' ': { + p++; +- goto s_n_llhttp__internal__n_error_36; ++ goto s_n_llhttp__internal__n_error_39; + } + case '/': { + p++; + goto s_n_llhttp__internal__n_url_schema_delim_1; + } + default: { +- goto s_n_llhttp__internal__n_error_37; ++ goto s_n_llhttp__internal__n_error_40; + } + } + /* UNREACHABLE */; +@@ -10029,7 +10248,7 @@ + switch (lookup_table[(uint8_t) *p]) { + case 1: { + p++; +- goto s_n_llhttp__internal__n_error_36; ++ goto s_n_llhttp__internal__n_error_39; + } + case 2: { + goto s_n_llhttp__internal__n_span_end_stub_schema; +@@ -10039,7 +10258,7 @@ + goto s_n_llhttp__internal__n_url_schema; + } + default: { +- goto s_n_llhttp__internal__n_error_38; ++ goto s_n_llhttp__internal__n_error_41; + } + } + /* UNREACHABLE */; +@@ -10071,7 +10290,7 @@ + switch (lookup_table[(uint8_t) *p]) { + case 1: { + p++; +- goto s_n_llhttp__internal__n_error_36; ++ goto s_n_llhttp__internal__n_error_39; + } + case 2: { + goto s_n_llhttp__internal__n_span_start_stub_path_2; +@@ -10080,7 +10299,7 @@ + goto s_n_llhttp__internal__n_url_schema; + } + default: { +- goto s_n_llhttp__internal__n_error_39; ++ goto s_n_llhttp__internal__n_error_42; + } + } + /* UNREACHABLE */; +@@ -10136,7 +10355,7 @@ + goto s_n_llhttp__internal__n_req_spaces_before_url; + } + default: { +- goto s_n_llhttp__internal__n_error_40; ++ goto s_n_llhttp__internal__n_error_43; + } + } + /* UNREACHABLE */; +@@ -10161,7 +10380,7 @@ + return s_n_llhttp__internal__n_start_req_1; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10186,7 +10405,7 @@ + return s_n_llhttp__internal__n_start_req_2; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10211,7 +10430,7 @@ + return s_n_llhttp__internal__n_start_req_4; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10236,7 +10455,7 @@ + return s_n_llhttp__internal__n_start_req_6; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10254,7 +10473,7 @@ + goto s_n_llhttp__internal__n_invoke_store_method_1; + } + default: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10275,7 +10494,7 @@ + goto s_n_llhttp__internal__n_start_req_7; + } + default: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10296,7 +10515,7 @@ + goto s_n_llhttp__internal__n_start_req_5; + } + default: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10321,7 +10540,7 @@ + return s_n_llhttp__internal__n_start_req_8; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10346,7 +10565,7 @@ + return s_n_llhttp__internal__n_start_req_9; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10371,7 +10590,7 @@ + return s_n_llhttp__internal__n_start_req_10; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10396,7 +10615,7 @@ + return s_n_llhttp__internal__n_start_req_12; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10421,7 +10640,7 @@ + return s_n_llhttp__internal__n_start_req_13; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10442,7 +10661,7 @@ + goto s_n_llhttp__internal__n_start_req_13; + } + default: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10467,7 +10686,7 @@ + return s_n_llhttp__internal__n_start_req_15; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10492,7 +10711,7 @@ + return s_n_llhttp__internal__n_start_req_16; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10517,7 +10736,7 @@ + return s_n_llhttp__internal__n_start_req_18; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10542,7 +10761,7 @@ + return s_n_llhttp__internal__n_start_req_20; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10560,7 +10779,7 @@ + goto s_n_llhttp__internal__n_invoke_store_method_1; + } + default: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10581,7 +10800,7 @@ + goto s_n_llhttp__internal__n_start_req_21; + } + default: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10602,7 +10821,7 @@ + goto s_n_llhttp__internal__n_start_req_19; + } + default: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10627,7 +10846,7 @@ + return s_n_llhttp__internal__n_start_req_22; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10656,7 +10875,7 @@ + goto s_n_llhttp__internal__n_start_req_22; + } + default: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10681,7 +10900,7 @@ + return s_n_llhttp__internal__n_start_req_23; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10706,7 +10925,7 @@ + return s_n_llhttp__internal__n_start_req_24; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10731,7 +10950,7 @@ + return s_n_llhttp__internal__n_start_req_26; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10756,7 +10975,7 @@ + return s_n_llhttp__internal__n_start_req_27; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10781,7 +11000,7 @@ + return s_n_llhttp__internal__n_start_req_31; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10806,7 +11025,7 @@ + return s_n_llhttp__internal__n_start_req_32; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10827,7 +11046,7 @@ + goto s_n_llhttp__internal__n_start_req_32; + } + default: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10844,7 +11063,7 @@ + goto s_n_llhttp__internal__n_start_req_30; + } + default: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10866,7 +11085,7 @@ + goto s_n_llhttp__internal__n_start_req_29; + } + default: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10891,7 +11110,7 @@ + return s_n_llhttp__internal__n_start_req_34; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10913,7 +11132,7 @@ + goto s_n_llhttp__internal__n_invoke_store_method_1; + } + default: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10942,7 +11161,7 @@ + goto s_n_llhttp__internal__n_start_req_33; + } + default: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10967,7 +11186,7 @@ + return s_n_llhttp__internal__n_start_req_37; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -10992,7 +11211,7 @@ + return s_n_llhttp__internal__n_start_req_38; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -11013,7 +11232,7 @@ + goto s_n_llhttp__internal__n_start_req_38; + } + default: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -11030,7 +11249,7 @@ + goto s_n_llhttp__internal__n_start_req_36; + } + default: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -11055,7 +11274,7 @@ + return s_n_llhttp__internal__n_start_req_40; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -11080,7 +11299,7 @@ + return s_n_llhttp__internal__n_start_req_41; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -11105,7 +11324,7 @@ + return s_n_llhttp__internal__n_start_req_42; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -11130,7 +11349,7 @@ + goto s_n_llhttp__internal__n_start_req_42; + } + default: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -11155,7 +11374,7 @@ + return s_n_llhttp__internal__n_start_req_43; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -11180,7 +11399,7 @@ + return s_n_llhttp__internal__n_start_req_46; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -11205,7 +11424,7 @@ + return s_n_llhttp__internal__n_start_req_48; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -11230,7 +11449,7 @@ + return s_n_llhttp__internal__n_start_req_49; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -11251,7 +11470,7 @@ + goto s_n_llhttp__internal__n_start_req_49; + } + default: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -11276,7 +11495,7 @@ + return s_n_llhttp__internal__n_start_req_50; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -11301,7 +11520,7 @@ + goto s_n_llhttp__internal__n_start_req_50; + } + default: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -11318,7 +11537,7 @@ + goto s_n_llhttp__internal__n_start_req_45; + } + default: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -11391,7 +11610,7 @@ + goto s_n_llhttp__internal__n_start_req_44; + } + default: { +- goto s_n_llhttp__internal__n_error_48; ++ goto s_n_llhttp__internal__n_error_51; + } + } + /* UNREACHABLE */; +@@ -11476,7 +11695,7 @@ + goto s_n_llhttp__internal__n_res_status_start; + } + default: { +- goto s_n_llhttp__internal__n_error_42; ++ goto s_n_llhttp__internal__n_error_45; + } + } + /* UNREACHABLE */; +@@ -11556,7 +11775,7 @@ + goto s_n_llhttp__internal__n_invoke_update_status_code; + } + default: { +- goto s_n_llhttp__internal__n_error_43; ++ goto s_n_llhttp__internal__n_error_46; + } + } + /* UNREACHABLE */; +@@ -11619,7 +11838,7 @@ + goto s_n_llhttp__internal__n_invoke_store_http_minor_1; + } + default: { +- goto s_n_llhttp__internal__n_error_44; ++ goto s_n_llhttp__internal__n_error_47; + } + } + /* UNREACHABLE */; +@@ -11636,7 +11855,7 @@ + goto s_n_llhttp__internal__n_res_http_minor; + } + default: { +- goto s_n_llhttp__internal__n_error_45; ++ goto s_n_llhttp__internal__n_error_48; + } + } + /* UNREACHABLE */; +@@ -11699,7 +11918,7 @@ + goto s_n_llhttp__internal__n_invoke_store_http_major_1; + } + default: { +- goto s_n_llhttp__internal__n_error_46; ++ goto s_n_llhttp__internal__n_error_49; + } + } + /* UNREACHABLE */; +@@ -11723,7 +11942,7 @@ + return s_n_llhttp__internal__n_start_res; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_49; ++ goto s_n_llhttp__internal__n_error_52; + } + } + /* UNREACHABLE */; +@@ -11748,7 +11967,7 @@ + return s_n_llhttp__internal__n_req_or_res_method_2; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_47; ++ goto s_n_llhttp__internal__n_error_50; + } + } + /* UNREACHABLE */; +@@ -11772,7 +11991,7 @@ + return s_n_llhttp__internal__n_req_or_res_method_3; + } + case kMatchMismatch: { +- goto s_n_llhttp__internal__n_error_47; ++ goto s_n_llhttp__internal__n_error_50; + } + } + /* UNREACHABLE */; +@@ -11793,7 +12012,7 @@ + goto s_n_llhttp__internal__n_req_or_res_method_3; + } + default: { +- goto s_n_llhttp__internal__n_error_47; ++ goto s_n_llhttp__internal__n_error_50; + } + } + /* UNREACHABLE */; +@@ -11810,7 +12029,7 @@ + goto s_n_llhttp__internal__n_req_or_res_method_1; + } + default: { +- goto s_n_llhttp__internal__n_error_47; ++ goto s_n_llhttp__internal__n_error_50; + } + } + /* UNREACHABLE */; +@@ -11870,7 +12089,7 @@ + /* UNREACHABLE */ + abort(); + } +- s_n_llhttp__internal__n_error_36: { ++ s_n_llhttp__internal__n_error_39: { + state->error = 0x7; + state->reason = "Invalid characters in url"; + state->error_pos = (const char*) p; +@@ -12314,7 +12533,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_16: { ++ s_n_llhttp__internal__n_error_17: { + state->error = 0xb; + state->reason = "Empty Content-Length"; + state->error_pos = (const char*) p; +@@ -12399,14 +12618,51 @@ + s_n_llhttp__internal__n_invoke_load_header_state: { + switch (llhttp__internal__c_load_header_state(state, p, endp)) { + case 2: +- goto s_n_llhttp__internal__n_error_16; ++ goto s_n_llhttp__internal__n_error_17; + default: + goto s_n_llhttp__internal__n_invoke_load_header_state_1; + } + /* UNREACHABLE */; + abort(); + } ++ s_n_llhttp__internal__n_error_16: { ++ state->error = 0xa; ++ state->reason = "Invalid header value char"; ++ state->error_pos = (const char*) p; ++ state->_current = (void*) (intptr_t) s_error; ++ return s_error; ++ /* UNREACHABLE */; ++ abort(); ++ } ++ s_n_llhttp__internal__n_invoke_test_flags_5: { ++ switch (llhttp__internal__c_test_flags_2(state, p, endp)) { ++ case 1: ++ goto s_n_llhttp__internal__n_header_value_discard_lws; ++ default: ++ goto s_n_llhttp__internal__n_error_16; ++ } ++ /* UNREACHABLE */; ++ abort(); ++ } + s_n_llhttp__internal__n_invoke_update_header_state_1: { ++ switch (llhttp__internal__c_update_header_state_1(state, p, endp)) { ++ default: ++ goto s_n_llhttp__internal__n_span_start_llhttp__on_header_value_1; ++ } ++ /* UNREACHABLE */; ++ abort(); ++ } ++ s_n_llhttp__internal__n_invoke_load_header_state_3: { ++ switch (llhttp__internal__c_load_header_state(state, p, endp)) { ++ case 8: ++ goto s_n_llhttp__internal__n_invoke_update_header_state_1; ++ default: ++ goto s_n_llhttp__internal__n_span_start_llhttp__on_header_value_1; ++ } ++ /* UNREACHABLE */; ++ abort(); ++ } ++ s_n_llhttp__internal__n_invoke_update_header_state_2: { + switch (llhttp__internal__c_update_header_state(state, p, endp)) { + default: + goto s_n_llhttp__internal__n_header_field_start; +@@ -12417,7 +12673,7 @@ + s_n_llhttp__internal__n_invoke_or_flags_7: { + switch (llhttp__internal__c_or_flags_3(state, p, endp)) { + default: +- goto s_n_llhttp__internal__n_invoke_update_header_state_1; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_2; + } + /* UNREACHABLE */; + abort(); +@@ -12425,7 +12681,7 @@ + s_n_llhttp__internal__n_invoke_or_flags_8: { + switch (llhttp__internal__c_or_flags_4(state, p, endp)) { + default: +- goto s_n_llhttp__internal__n_invoke_update_header_state_1; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_2; + } + /* UNREACHABLE */; + abort(); +@@ -12433,7 +12689,7 @@ + s_n_llhttp__internal__n_invoke_or_flags_9: { + switch (llhttp__internal__c_or_flags_5(state, p, endp)) { + default: +- goto s_n_llhttp__internal__n_invoke_update_header_state_1; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_2; + } + /* UNREACHABLE */; + abort(); +@@ -12446,7 +12702,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_invoke_load_header_state_3: { ++ s_n_llhttp__internal__n_invoke_load_header_state_4: { + switch (llhttp__internal__c_load_header_state(state, p, endp)) { + case 5: + goto s_n_llhttp__internal__n_invoke_or_flags_7; +@@ -12462,7 +12718,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_17: { ++ s_n_llhttp__internal__n_error_18: { + state->error = 0x3; + state->reason = "Missing expected LF after header value"; + state->error_pos = (const char*) p; +@@ -12480,6 +12736,24 @@ + err = llhttp__on_header_value(state, start, p); + if (err != 0) { + state->error = err; ++ state->error_pos = (const char*) (p + 1); ++ state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_header_value_almost_done; ++ return s_error; ++ } ++ p++; ++ goto s_n_llhttp__internal__n_header_value_almost_done; ++ /* UNREACHABLE */; ++ abort(); ++ } ++ s_n_llhttp__internal__n_span_end_llhttp__on_header_value_3: { ++ const unsigned char* start; ++ int err; ++ ++ start = state->_span_pos0; ++ state->_span_pos0 = NULL; ++ err = llhttp__on_header_value(state, start, p); ++ if (err != 0) { ++ state->error = err; + state->error_pos = (const char*) p; + state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_header_value_almost_done; + return s_error; +@@ -12488,7 +12762,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_span_end_llhttp__on_header_value_2: { ++ s_n_llhttp__internal__n_span_end_llhttp__on_header_value_4: { + const unsigned char* start; + int err; + +@@ -12506,7 +12780,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_span_end_llhttp__on_header_value_3: { ++ s_n_llhttp__internal__n_span_end_llhttp__on_header_value_2: { + const unsigned char* start; + int err; + +@@ -12515,35 +12789,25 @@ + err = llhttp__on_header_value(state, start, p); + if (err != 0) { + state->error = err; +- state->error_pos = (const char*) (p + 1); +- state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_header_value_almost_done; ++ state->error_pos = (const char*) p; ++ state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_19; + return s_error; + } +- p++; +- goto s_n_llhttp__internal__n_header_value_almost_done; ++ goto s_n_llhttp__internal__n_error_19; + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_18: { +- state->error = 0xa; +- state->reason = "Invalid header value char"; +- state->error_pos = (const char*) p; +- state->_current = (void*) (intptr_t) s_error; +- return s_error; +- /* UNREACHABLE */; +- abort(); +- } +- s_n_llhttp__internal__n_invoke_test_flags_5: { ++ s_n_llhttp__internal__n_invoke_test_flags_6: { + switch (llhttp__internal__c_test_flags_2(state, p, endp)) { + case 1: + goto s_n_llhttp__internal__n_header_value_lenient; + default: +- goto s_n_llhttp__internal__n_error_18; ++ goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_2; + } + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_invoke_update_header_state_3: { ++ s_n_llhttp__internal__n_invoke_update_header_state_4: { + switch (llhttp__internal__c_update_header_state(state, p, endp)) { + default: + goto s_n_llhttp__internal__n_header_value_connection; +@@ -12554,7 +12818,7 @@ + s_n_llhttp__internal__n_invoke_or_flags_11: { + switch (llhttp__internal__c_or_flags_3(state, p, endp)) { + default: +- goto s_n_llhttp__internal__n_invoke_update_header_state_3; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_4; + } + /* UNREACHABLE */; + abort(); +@@ -12562,7 +12826,7 @@ + s_n_llhttp__internal__n_invoke_or_flags_12: { + switch (llhttp__internal__c_or_flags_4(state, p, endp)) { + default: +- goto s_n_llhttp__internal__n_invoke_update_header_state_3; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_4; + } + /* UNREACHABLE */; + abort(); +@@ -12570,7 +12834,7 @@ + s_n_llhttp__internal__n_invoke_or_flags_13: { + switch (llhttp__internal__c_or_flags_5(state, p, endp)) { + default: +- goto s_n_llhttp__internal__n_invoke_update_header_state_3; ++ goto s_n_llhttp__internal__n_invoke_update_header_state_4; + } + /* UNREACHABLE */; + abort(); +@@ -12583,7 +12847,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_invoke_load_header_state_4: { ++ s_n_llhttp__internal__n_invoke_load_header_state_5: { + switch (llhttp__internal__c_load_header_state(state, p, endp)) { + case 5: + goto s_n_llhttp__internal__n_invoke_or_flags_11; +@@ -12599,39 +12863,39 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_invoke_update_header_state_4: { +- switch (llhttp__internal__c_update_header_state_4(state, p, endp)) { ++ s_n_llhttp__internal__n_invoke_update_header_state_5: { ++ switch (llhttp__internal__c_update_header_state_1(state, p, endp)) { + default: + goto s_n_llhttp__internal__n_header_value_connection_token; + } + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_invoke_update_header_state_2: { +- switch (llhttp__internal__c_update_header_state_2(state, p, endp)) { ++ s_n_llhttp__internal__n_invoke_update_header_state_3: { ++ switch (llhttp__internal__c_update_header_state_3(state, p, endp)) { + default: + goto s_n_llhttp__internal__n_header_value_connection_ws; + } + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_invoke_update_header_state_5: { +- switch (llhttp__internal__c_update_header_state_5(state, p, endp)) { ++ s_n_llhttp__internal__n_invoke_update_header_state_6: { ++ switch (llhttp__internal__c_update_header_state_6(state, p, endp)) { + default: + goto s_n_llhttp__internal__n_header_value_connection_ws; + } + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_invoke_update_header_state_6: { +- switch (llhttp__internal__c_update_header_state_6(state, p, endp)) { ++ s_n_llhttp__internal__n_invoke_update_header_state_7: { ++ switch (llhttp__internal__c_update_header_state_7(state, p, endp)) { + default: + goto s_n_llhttp__internal__n_header_value_connection_ws; + } + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_span_end_llhttp__on_header_value_4: { ++ s_n_llhttp__internal__n_span_end_llhttp__on_header_value_5: { + const unsigned char* start; + int err; + +@@ -12641,17 +12905,17 @@ + if (err != 0) { + state->error = err; + state->error_pos = (const char*) p; +- state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_20; ++ state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_21; + return s_error; + } +- goto s_n_llhttp__internal__n_error_20; ++ goto s_n_llhttp__internal__n_error_21; + /* UNREACHABLE */; + abort(); + } + s_n_llhttp__internal__n_invoke_mul_add_content_length_1: { + switch (llhttp__internal__c_mul_add_content_length_1(state, p, endp, match)) { + case 1: +- goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_4; ++ goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_5; + default: + goto s_n_llhttp__internal__n_header_value_content_length; + } +@@ -12666,7 +12930,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_span_end_llhttp__on_header_value_5: { ++ s_n_llhttp__internal__n_span_end_llhttp__on_header_value_6: { + const unsigned char* start; + int err; + +@@ -12676,14 +12940,14 @@ + if (err != 0) { + state->error = err; + state->error_pos = (const char*) p; +- state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_21; ++ state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_22; + return s_error; + } +- goto s_n_llhttp__internal__n_error_21; ++ goto s_n_llhttp__internal__n_error_22; + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_19: { ++ s_n_llhttp__internal__n_error_20: { + state->error = 0x4; + state->reason = "Duplicate Content-Length"; + state->error_pos = (const char*) p; +@@ -12692,26 +12956,82 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_invoke_test_flags_6: { +- switch (llhttp__internal__c_test_flags_6(state, p, endp)) { ++ s_n_llhttp__internal__n_invoke_test_flags_7: { ++ switch (llhttp__internal__c_test_flags_7(state, p, endp)) { + case 0: + goto s_n_llhttp__internal__n_header_value_content_length; + default: +- goto s_n_llhttp__internal__n_error_19; ++ goto s_n_llhttp__internal__n_error_20; + } + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_invoke_update_header_state_7: { +- switch (llhttp__internal__c_update_header_state_7(state, p, endp)) { ++ s_n_llhttp__internal__n_span_end_llhttp__on_header_value_8: { ++ const unsigned char* start; ++ int err; ++ ++ start = state->_span_pos0; ++ state->_span_pos0 = NULL; ++ err = llhttp__on_header_value(state, start, p); ++ if (err != 0) { ++ state->error = err; ++ state->error_pos = (const char*) (p + 1); ++ state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_24; ++ return s_error; ++ } ++ p++; ++ goto s_n_llhttp__internal__n_error_24; ++ /* UNREACHABLE */; ++ abort(); ++ } ++ s_n_llhttp__internal__n_invoke_update_header_state_8: { ++ switch (llhttp__internal__c_update_header_state_8(state, p, endp)) { + default: + goto s_n_llhttp__internal__n_header_value_otherwise; + } + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_invoke_update_header_state_8: { +- switch (llhttp__internal__c_update_header_state_4(state, p, endp)) { ++ s_n_llhttp__internal__n_span_end_llhttp__on_header_value_7: { ++ const unsigned char* start; ++ int err; ++ ++ start = state->_span_pos0; ++ state->_span_pos0 = NULL; ++ err = llhttp__on_header_value(state, start, p); ++ if (err != 0) { ++ state->error = err; ++ state->error_pos = (const char*) (p + 1); ++ state->_current = (void*) (intptr_t) s_n_llhttp__internal__n_error_23; ++ return s_error; ++ } ++ p++; ++ goto s_n_llhttp__internal__n_error_23; ++ /* UNREACHABLE */; ++ abort(); ++ } ++ s_n_llhttp__internal__n_invoke_test_flags_9: { ++ switch (llhttp__internal__c_test_flags_2(state, p, endp)) { ++ case 0: ++ goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_7; ++ default: ++ goto s_n_llhttp__internal__n_header_value_te_chunked; ++ } ++ /* UNREACHABLE */; ++ abort(); ++ } ++ s_n_llhttp__internal__n_invoke_load_type_1: { ++ switch (llhttp__internal__c_load_type(state, p, endp)) { ++ case 1: ++ goto s_n_llhttp__internal__n_invoke_test_flags_9; ++ default: ++ goto s_n_llhttp__internal__n_header_value_te_chunked; ++ } ++ /* UNREACHABLE */; ++ abort(); ++ } ++ s_n_llhttp__internal__n_invoke_update_header_state_9: { ++ switch (llhttp__internal__c_update_header_state_1(state, p, endp)) { + default: + goto s_n_llhttp__internal__n_header_value; + } +@@ -12726,6 +13046,34 @@ + /* UNREACHABLE */; + abort(); + } ++ s_n_llhttp__internal__n_invoke_or_flags_17: { ++ switch (llhttp__internal__c_or_flags_16(state, p, endp)) { ++ default: ++ goto s_n_llhttp__internal__n_invoke_and_flags; ++ } ++ /* UNREACHABLE */; ++ abort(); ++ } ++ s_n_llhttp__internal__n_invoke_test_flags_10: { ++ switch (llhttp__internal__c_test_flags_2(state, p, endp)) { ++ case 0: ++ goto s_n_llhttp__internal__n_span_end_llhttp__on_header_value_8; ++ default: ++ goto s_n_llhttp__internal__n_invoke_or_flags_17; ++ } ++ /* UNREACHABLE */; ++ abort(); ++ } ++ s_n_llhttp__internal__n_invoke_load_type_2: { ++ switch (llhttp__internal__c_load_type(state, p, endp)) { ++ case 1: ++ goto s_n_llhttp__internal__n_invoke_test_flags_10; ++ default: ++ goto s_n_llhttp__internal__n_invoke_or_flags_17; ++ } ++ /* UNREACHABLE */; ++ abort(); ++ } + s_n_llhttp__internal__n_invoke_or_flags_16: { + switch (llhttp__internal__c_or_flags_16(state, p, endp)) { + default: +@@ -12734,10 +13082,20 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_invoke_or_flags_17: { +- switch (llhttp__internal__c_or_flags_17(state, p, endp)) { ++ s_n_llhttp__internal__n_invoke_test_flags_8: { ++ switch (llhttp__internal__c_test_flags_8(state, p, endp)) { ++ case 1: ++ goto s_n_llhttp__internal__n_invoke_load_type_2; + default: +- goto s_n_llhttp__internal__n_invoke_update_header_state_8; ++ goto s_n_llhttp__internal__n_invoke_or_flags_16; ++ } ++ /* UNREACHABLE */; ++ abort(); ++ } ++ s_n_llhttp__internal__n_invoke_or_flags_18: { ++ switch (llhttp__internal__c_or_flags_18(state, p, endp)) { ++ default: ++ goto s_n_llhttp__internal__n_invoke_update_header_state_9; + } + /* UNREACHABLE */; + abort(); +@@ -12747,11 +13105,11 @@ + case 1: + goto s_n_llhttp__internal__n_header_value_connection; + case 2: +- goto s_n_llhttp__internal__n_invoke_test_flags_6; ++ goto s_n_llhttp__internal__n_invoke_test_flags_7; + case 3: +- goto s_n_llhttp__internal__n_invoke_or_flags_16; ++ goto s_n_llhttp__internal__n_invoke_test_flags_8; + case 4: +- goto s_n_llhttp__internal__n_invoke_or_flags_17; ++ goto s_n_llhttp__internal__n_invoke_or_flags_18; + default: + goto s_n_llhttp__internal__n_header_value; + } +@@ -12794,7 +13152,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_22: { ++ s_n_llhttp__internal__n_error_25: { + state->error = 0xa; + state->reason = "Invalid header token"; + state->error_pos = (const char*) p; +@@ -12803,8 +13161,8 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_invoke_update_header_state_9: { +- switch (llhttp__internal__c_update_header_state_4(state, p, endp)) { ++ s_n_llhttp__internal__n_invoke_update_header_state_10: { ++ switch (llhttp__internal__c_update_header_state_1(state, p, endp)) { + default: + goto s_n_llhttp__internal__n_header_field_general; + } +@@ -12819,8 +13177,8 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_invoke_update_header_state_10: { +- switch (llhttp__internal__c_update_header_state_4(state, p, endp)) { ++ s_n_llhttp__internal__n_invoke_update_header_state_11: { ++ switch (llhttp__internal__c_update_header_state_1(state, p, endp)) { + default: + goto s_n_llhttp__internal__n_header_field_general; + } +@@ -12860,7 +13218,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_23: { ++ s_n_llhttp__internal__n_error_26: { + state->error = 0x7; + state->reason = "Expected CRLF"; + state->error_pos = (const char*) p; +@@ -12886,7 +13244,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_24: { ++ s_n_llhttp__internal__n_error_27: { + state->error = 0x9; + state->reason = "Expected CRLF after version"; + state->error_pos = (const char*) p; +@@ -12903,7 +13261,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_25: { ++ s_n_llhttp__internal__n_error_28: { + state->error = 0x9; + state->reason = "Invalid minor version"; + state->error_pos = (const char*) p; +@@ -12912,7 +13270,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_26: { ++ s_n_llhttp__internal__n_error_29: { + state->error = 0x9; + state->reason = "Expected dot"; + state->error_pos = (const char*) p; +@@ -12929,7 +13287,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_27: { ++ s_n_llhttp__internal__n_error_30: { + state->error = 0x9; + state->reason = "Invalid major version"; + state->error_pos = (const char*) p; +@@ -12938,7 +13296,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_29: { ++ s_n_llhttp__internal__n_error_32: { + state->error = 0x8; + state->reason = "Expected HTTP/"; + state->error_pos = (const char*) p; +@@ -12947,7 +13305,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_28: { ++ s_n_llhttp__internal__n_error_31: { + state->error = 0x8; + state->reason = "Expected SOURCE method for ICE/x.x request"; + state->error_pos = (const char*) p; +@@ -12959,7 +13317,7 @@ + s_n_llhttp__internal__n_invoke_is_equal_method_1: { + switch (llhttp__internal__c_is_equal_method_1(state, p, endp)) { + case 0: +- goto s_n_llhttp__internal__n_error_28; ++ goto s_n_llhttp__internal__n_error_31; + default: + goto s_n_llhttp__internal__n_req_http_major; + } +@@ -13034,7 +13392,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_30: { ++ s_n_llhttp__internal__n_error_33: { + state->error = 0x7; + state->reason = "Invalid char in url fragment start"; + state->error_pos = (const char*) p; +@@ -13094,7 +13452,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_31: { ++ s_n_llhttp__internal__n_error_34: { + state->error = 0x7; + state->reason = "Invalid char in url query"; + state->error_pos = (const char*) p; +@@ -13103,7 +13461,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_32: { ++ s_n_llhttp__internal__n_error_35: { + state->error = 0x7; + state->reason = "Invalid char in url path"; + state->error_pos = (const char*) p; +@@ -13214,7 +13572,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_33: { ++ s_n_llhttp__internal__n_error_36: { + state->error = 0x7; + state->reason = "Double @ in url"; + state->error_pos = (const char*) p; +@@ -13223,7 +13581,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_34: { ++ s_n_llhttp__internal__n_error_37: { + state->error = 0x7; + state->reason = "Unexpected char in url server"; + state->error_pos = (const char*) p; +@@ -13232,7 +13590,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_35: { ++ s_n_llhttp__internal__n_error_38: { + state->error = 0x7; + state->reason = "Unexpected char in url server"; + state->error_pos = (const char*) p; +@@ -13241,7 +13599,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_37: { ++ s_n_llhttp__internal__n_error_40: { + state->error = 0x7; + state->reason = "Unexpected char in url schema"; + state->error_pos = (const char*) p; +@@ -13250,7 +13608,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_38: { ++ s_n_llhttp__internal__n_error_41: { + state->error = 0x7; + state->reason = "Unexpected char in url schema"; + state->error_pos = (const char*) p; +@@ -13259,7 +13617,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_39: { ++ s_n_llhttp__internal__n_error_42: { + state->error = 0x7; + state->reason = "Unexpected start char in url"; + state->error_pos = (const char*) p; +@@ -13278,7 +13636,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_40: { ++ s_n_llhttp__internal__n_error_43: { + state->error = 0x6; + state->reason = "Expected space after method"; + state->error_pos = (const char*) p; +@@ -13295,7 +13653,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_48: { ++ s_n_llhttp__internal__n_error_51: { + state->error = 0x6; + state->reason = "Invalid method encountered"; + state->error_pos = (const char*) p; +@@ -13304,7 +13662,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_41: { ++ s_n_llhttp__internal__n_error_44: { + state->error = 0xd; + state->reason = "Response overflow"; + state->error_pos = (const char*) p; +@@ -13316,7 +13674,7 @@ + s_n_llhttp__internal__n_invoke_mul_add_status_code: { + switch (llhttp__internal__c_mul_add_status_code(state, p, endp, match)) { + case 1: +- goto s_n_llhttp__internal__n_error_41; ++ goto s_n_llhttp__internal__n_error_44; + default: + goto s_n_llhttp__internal__n_res_status_code; + } +@@ -13359,7 +13717,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_42: { ++ s_n_llhttp__internal__n_error_45: { + state->error = 0xd; + state->reason = "Invalid response status"; + state->error_pos = (const char*) p; +@@ -13376,7 +13734,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_43: { ++ s_n_llhttp__internal__n_error_46: { + state->error = 0x9; + state->reason = "Expected space after version"; + state->error_pos = (const char*) p; +@@ -13393,7 +13751,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_44: { ++ s_n_llhttp__internal__n_error_47: { + state->error = 0x9; + state->reason = "Invalid minor version"; + state->error_pos = (const char*) p; +@@ -13402,7 +13760,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_45: { ++ s_n_llhttp__internal__n_error_48: { + state->error = 0x9; + state->reason = "Expected dot"; + state->error_pos = (const char*) p; +@@ -13419,7 +13777,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_46: { ++ s_n_llhttp__internal__n_error_49: { + state->error = 0x9; + state->reason = "Invalid major version"; + state->error_pos = (const char*) p; +@@ -13428,7 +13786,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_49: { ++ s_n_llhttp__internal__n_error_52: { + state->error = 0x8; + state->reason = "Expected HTTP/"; + state->error_pos = (const char*) p; +@@ -13453,7 +13811,7 @@ + /* UNREACHABLE */; + abort(); + } +- s_n_llhttp__internal__n_error_47: { ++ s_n_llhttp__internal__n_error_50: { + state->error = 0x8; + state->reason = "Invalid word encountered"; + state->error_pos = (const char*) p; +--- nodejs-12.22.12~dfsg/test/parallel/test-http-invalid-te.js ++++ nodejs-12.22.12~dfsg/test/parallel/test-http-invalid-te.js +@@ -13,7 +13,7 @@ Content-Type: text/plain; charset=utf-8 + Host: hacker.exploit.com + Connection: keep-alive + Content-Length: 10 +-Transfer-Encoding: chunked, eee ++Transfer-Encoding: eee, chunked + + HELLOWORLDPOST / HTTP/1.1 + Content-Type: text/plain; charset=utf-8 +--- nodejs-12.22.12~dfsg/test/parallel/test-http-missing-header-separator-cr.js ++++ nodejs-12.22.12~dfsg/test/parallel/test-http-missing-header-separator-cr.js +@@ -0,0 +1,83 @@ ++'use strict'; ++ ++const common = require('../common'); ++const assert = require('assert'); ++ ++const http = require('http'); ++const net = require('net'); ++ ++function serverHandler(server, msg) { ++ const client = net.connect(server.address().port, 'localhost'); ++ ++ let response = ''; ++ ++ client.on('data', common.mustCall((chunk) => { ++ response += chunk.toString('utf-8'); ++ })); ++ ++ client.setEncoding('utf8'); ++ client.on('error', common.mustNotCall()); ++ client.on('end', common.mustCall(() => { ++ assert.strictEqual( ++ response, ++ 'HTTP/1.1 400 Bad Request\r\nConnection: close\r\n\r\n' ++ ); ++ server.close(); ++ })); ++ client.write(msg); ++ client.resume(); ++} ++ ++{ ++ const msg = [ ++ 'GET / HTTP/1.1', ++ 'Host: localhost', ++ 'Dummy: x\nContent-Length: 23', ++ '', ++ 'GET / HTTP/1.1', ++ 'Dummy: GET /admin HTTP/1.1', ++ 'Host: localhost', ++ '', ++ '', ++ ].join('\r\n'); ++ ++ const server = http.createServer(common.mustNotCall()); ++ ++ server.listen(0, common.mustCall(serverHandler.bind(null, server, msg))); ++} ++ ++{ ++ const msg = [ ++ 'POST / HTTP/1.1', ++ 'Host: localhost', ++ 'x:x\nTransfer-Encoding: chunked', ++ '', ++ '1', ++ 'A', ++ '0', ++ '', ++ '', ++ ].join('\r\n'); ++ ++ const server = http.createServer(common.mustNotCall()); ++ ++ server.listen(0, common.mustCall(serverHandler.bind(null, server, msg))); ++} ++ ++{ ++ const msg = [ ++ 'POST / HTTP/1.1', ++ 'Host: localhost', ++ 'x:\nTransfer-Encoding: chunked', ++ '', ++ '1', ++ 'A', ++ '0', ++ '', ++ '', ++ ].join('\r\n'); ++ ++ const server = http.createServer(common.mustNotCall()); ++ ++ server.listen(0, common.mustCall(serverHandler.bind(null, server, msg))); ++} +--- /dev/null ++++ nodejs-12.22.12~dfsg/test/parallel/test-http-transfer-encoding-repeated-chunked.js +@@ -0,0 +1,51 @@ ++'use strict'; ++ ++const common = require('../common'); ++const assert = require('assert'); ++ ++const http = require('http'); ++const net = require('net'); ++ ++const msg = [ ++ 'POST / HTTP/1.1', ++ 'Host: 127.0.0.1', ++ 'Transfer-Encoding: chunkedchunked', ++ '', ++ '1', ++ 'A', ++ '0', ++ '', ++].join('\r\n'); ++ ++const server = http.createServer(common.mustCall((req, res) => { ++ // Verify that no data is received ++ ++ req.on('data', common.mustNotCall()); ++ ++ req.on('end', common.mustNotCall(() => { ++ res.writeHead(200, { 'Content-Type': 'text/plain' }); ++ res.end(); ++ })); ++}, 1)); ++ ++server.listen(0, common.mustCall(() => { ++ const client = net.connect(server.address().port, 'localhost'); ++ ++ let response = ''; ++ ++ client.on('data', common.mustCall((chunk) => { ++ response += chunk.toString('utf-8'); ++ })); ++ ++ client.setEncoding('utf8'); ++ client.on('error', common.mustNotCall()); ++ client.on('end', common.mustCall(() => { ++ assert.strictEqual( ++ response, ++ 'HTTP/1.1 400 Bad Request\r\nConnection: close\r\n\r\n' ++ ); ++ server.close(); ++ })); ++ client.write(msg); ++ client.resume(); ++})); +--- nodejs-12.22.12~dfsg/test/parallel/test-http-transfer-encoding-smuggling.js ++++ nodejs-12.22.12~dfsg/test/parallel/test-http-transfer-encoding-smuggling.js +@@ -1,46 +1,89 @@ + 'use strict'; + + const common = require('../common'); +- + const assert = require('assert'); ++ + const http = require('http'); + const net = require('net'); + +-const msg = [ +- 'POST / HTTP/1.1', +- 'Host: 127.0.0.1', +- 'Transfer-Encoding: chunked', +- 'Transfer-Encoding: chunked-false', +- 'Connection: upgrade', +- '', +- '1', +- 'A', +- '0', +- '', +- 'GET /flag HTTP/1.1', +- 'Host: 127.0.0.1', +- '', +- '', +-].join('\r\n'); +- +-// Verify that the server is called only once even with a smuggled request. +- +-const server = http.createServer(common.mustCall((req, res) => { +- res.end(); +-}, 1)); +- +-function send(next) { +- const client = net.connect(server.address().port, 'localhost'); +- client.setEncoding('utf8'); +- client.on('error', common.mustNotCall()); +- client.on('end', next); +- client.write(msg); +- client.resume(); ++{ ++ const msg = [ ++ 'POST / HTTP/1.1', ++ 'Host: 127.0.0.1', ++ 'Transfer-Encoding: chunked', ++ 'Transfer-Encoding: chunked-false', ++ 'Connection: upgrade', ++ '', ++ '1', ++ 'A', ++ '0', ++ '', ++ 'GET /flag HTTP/1.1', ++ 'Host: 127.0.0.1', ++ '', ++ '', ++ ].join('\r\n'); ++ ++ const server = http.createServer(common.mustNotCall((req, res) => { ++ res.end(); ++ }, 1)); ++ ++ server.listen(0, common.mustCall(() => { ++ const client = net.connect(server.address().port, 'localhost'); ++ ++ let response = ''; ++ ++ // Verify that the server listener is never called ++ ++ client.on('data', common.mustCall((chunk) => { ++ response += chunk.toString('utf-8'); ++ })); ++ ++ client.setEncoding('utf8'); ++ client.on('error', common.mustNotCall()); ++ client.on('end', common.mustCall(() => { ++ assert.strictEqual( ++ response, ++ 'HTTP/1.1 400 Bad Request\r\nConnection: close\r\n\r\n' ++ ); ++ server.close(); ++ })); ++ client.write(msg); ++ client.resume(); ++ })); + } + +-server.listen(0, common.mustCall((err) => { +- assert.ifError(err); +- send(common.mustCall(() => { +- server.close(); ++{ ++ const msg = [ ++ 'POST / HTTP/1.1', ++ 'Host: 127.0.0.1', ++ 'Transfer-Encoding: chunked', ++ ' , chunked-false', ++ 'Connection: upgrade', ++ '', ++ '1', ++ 'A', ++ '0', ++ '', ++ 'GET /flag HTTP/1.1', ++ 'Host: 127.0.0.1', ++ '', ++ '', ++ ].join('\r\n'); ++ ++ const server = http.createServer(common.mustCall((request, response) => { ++ assert.notStrictEqual(request.url, '/admin'); ++ response.end('hello world'); ++ }), 1); ++ ++ server.listen(0, common.mustCall(() => { ++ const client = net.connect(server.address().port, 'localhost'); ++ ++ client.on('end', common.mustCall(function() { ++ server.close(); ++ })); ++ ++ client.write(msg); ++ client.resume(); + })); +-})); ++} +--- nodejs-12.22.12~dfsg/test/parallel/test-http-header-overflow.js ++++ nodejs-12.22.12~dfsg/test/parallel/test-http-header-overflow.js +@@ -1,3 +1,5 @@ ++// Flags: --expose-internals ++ + 'use strict'; + const { expectsError, mustCall } = require('../common'); + const assert = require('assert'); +@@ -8,7 +10,7 @@ const CRLF = '\r\n'; + const DUMMY_HEADER_NAME = 'Cookie: '; + const DUMMY_HEADER_VALUE = 'a'.repeat( + // Plus one is to make it 1 byte too big +- maxHeaderSize - DUMMY_HEADER_NAME.length - (2 * CRLF.length) + 1 ++ maxHeaderSize - DUMMY_HEADER_NAME.length + 2 + ); + const PAYLOAD_GET = 'GET /blah HTTP/1.1'; + const PAYLOAD = PAYLOAD_GET + CRLF + +@@ -21,7 +23,7 @@ server.on('connection', mustCall((socket + name: 'Error', + message: 'Parse Error: Header overflow', + code: 'HPE_HEADER_OVERFLOW', +- bytesParsed: maxHeaderSize + PAYLOAD_GET.length, ++ bytesParsed: maxHeaderSize + PAYLOAD_GET.length + (CRLF.length * 2) + 1, + rawPacket: Buffer.from(PAYLOAD) + })); + })); diff --git a/debian/patches/series b/debian/patches/series index eb48e6715fafbb94b09e4406c2cee51c959a2fd4..0586f68f0770e111a7bf4cf68168b3d724b35033 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -20,3 +20,7 @@ ppc64.patch python3.patch cjs-module-lexer.patch upstream-fix-test-worker-prof.patch +cve-2022-32212.patch +cve-2022-35255.patch +cve-2022-43548.patch +cve-llhttp.patch