From 7f0978df6dad631316c29ba0dbbd33df9cfb77b4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lo=C3=AFc=20Hoguin?=
Date: Tue, 1 Oct 2019 21:09:24 +0200
Subject: Reject empty HTTP/2 header names

---
 src/cow_http2_machine.erl | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/cow_http2_machine.erl b/src/cow_http2_machine.erl
index 41605ef..0779ffc 100644
--- a/src/cow_http2_machine.erl
+++ b/src/cow_http2_machine.erl
@@ -659,6 +659,8 @@ headers_regular_headers(Frame=#headers{id=StreamID},
 stream_reset(StreamID, State, protocol_error, HumanReadable)
 end.
 
+regular_headers([{<<>>, _}|_], _) ->
+ {error, 'Empty header names are not valid regular headers. (CVE-2019-9516)'};
 regular_headers([{<<":", _/bits>>, _}|_], _) ->
 {error, 'Pseudo-headers were found after regular headers. (RFC7540 8.1.2.1)'};
 regular_headers([{<<"connection">>, _}|_], _) ->
-- 
cgit v1.2.3
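Review bot: The new `regular_headers` clause rejects a zero-length name but the commit adds no test, and the diffstat shows only the machine module changed; a case that feeds a HEADERS block containing `{<<>>, Value}` through the machine and asserts the `protocol_error` stream reset would pin the CVE-2019-9516 fix against regressions. The rejection only applies once the header list reaches `regular_headers/2`, so it relies on the pseudo-header pass (outside this hunk) handing any name that does not start with `:` over to this function; worth confirming that path in the same change. The reason atom cites the CVE but not the rule, so a one-line comment above the clause such as `%% RFC7230 3.2.6: a field-name is a token of at least one character; HPACK can still encode an empty name.` would tell the next reader why the shape is invalid rather than merely dangerous. `regular_headers/2` continues past the end of the hunk.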