cpp-httplib Denial-of-Service Vulnerability Due to Unrestricted HTTP Header Fields

Vulnerability

A denial-of-service vulnerability has been identified in cpp-httplib version 0.21.0. The library places no limit on the number of HTTP header fields it accepts in a request, so a client can transmit an unbounded number of headers and force the server to allocate memory for each one. The memory allocated for these headers is not released when the connection is closed, so system resources can be exhausted and the server may crash or become unresponsive. This vulnerability has been patched in version 0.22.0.

Impact

Exploitation of this vulnerability leads to excessive memory usage, causing the server to crash or become unresponsive. On multi-tenant systems, this could disrupt other applications by depleting available resources.

Reproduction

The vulnerability can be reproduced by sending a large number of HTTP headers to a server using cpp-httplib 0.21.0. This can be done by establishing a connection to the server and sending headers one by one, without closing the connection or indicating the end of the headers. The server will continue to allocate memory for each header, eventually leading to a crash or unresponsiveness.

Remediation

Users can upgrade to cpp-httplib version 0.22.0, which includes a patch for this vulnerability.
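For readers who cannot upgrade immediately, or who want to understand what the missing check looks like, the following is an added example (not cpp-httplib's own code, and not the 0.22.0 patch) of a header reader that bounds both the number of header fields and the length of each header line, rejecting the request before any further memory is allocated. The limit values, the HeaderResult enum, and the helper names (read_headers, check_block, make_header_block, parsed_header_count) are assumptions chosen for illustration; the header blocks in main are constructed sample input.

```cpp
// Added example, not part of cpp-httplib: a bounded HTTP header-block reader.
// The limits and names below are assumptions for illustration only.
#include <cassert>
#include <cstddef>
#include <iostream>
#include <sstream>
#include <string>
#include <utility>
#include <vector>

enum class HeaderResult { Ok, TooManyHeaders, LineTooLong, MalformedLine, Truncated };

struct HeaderLimits {
    std::size_t max_count = 100;  // assumed upper bound on header fields per request
    std::size_t max_line = 8192;  // assumed upper bound on bytes per header line
};

using HeaderList = std::vector<std::pair<std::string, std::string>>;

// Reads "Name: value\r\n" lines from `in` until the blank line that ends the
// header block. Every check runs before the next allocation, so a peer that
// streams headers forever, as described in the advisory, cannot grow `out`
// or `line` past the configured limits.
HeaderResult read_headers(std::istream& in, const HeaderLimits& lim, HeaderList& out) {
    std::string line;
    while (true) {
        line.clear();
        bool saw_newline = false;
        char c;
        // Byte-by-byte so an over-long line is rejected while it is still
        // being read, not after it has been fully buffered.
        while (in.get(c)) {
            if (c == '\n') { saw_newline = true; break; }
            line.push_back(c);
            if (line.size() > lim.max_line) return HeaderResult::LineTooLong;
        }
        if (!saw_newline) return HeaderResult::Truncated;  // stream ended mid-block
        if (!line.empty() && line.back() == '\r') line.pop_back();
        if (line.empty()) return HeaderResult::Ok;          // blank line: block complete
        if (out.size() >= lim.max_count) return HeaderResult::TooManyHeaders;
        std::size_t colon = line.find(':');
        if (colon == std::string::npos || colon == 0) return HeaderResult::MalformedLine;
        std::size_t vstart = line.find_first_not_of(" \t", colon + 1);
        std::string value = (vstart == std::string::npos) ? std::string() : line.substr(vstart);
        out.emplace_back(line.substr(0, colon), std::move(value));
    }
}

// Convenience wrapper over bytes already received (e.g. from a socket buffer).
HeaderResult check_block(const std::string& raw, std::size_t max_count,
                         HeaderList* out = nullptr) {
    HeaderList local;
    HeaderLimits lim;
    lim.max_count = max_count;
    std::istringstream in(raw);
    return read_headers(in, lim, out ? *out : local);
}

// Number of fields accepted, or 0 if the block was rejected.
std::size_t parsed_header_count(const std::string& raw, std::size_t max_count) {
    HeaderList h;
    if (check_block(raw, max_count, &h) != HeaderResult::Ok) return 0;
    return h.size();
}

// Constructed sample input: `n` distinct header fields, optionally without the
// terminating blank line (a client that never signals the end of the headers).
std::string make_header_block(std::size_t n, bool terminate) {
    std::string s;
    for (std::size_t i = 0; i < n; ++i) s += "X-Field-" + std::to_string(i) + ": v\r\n";
    if (terminate) s += "\r\n";
    return s;
}

int main() {
    std::cout << "3 headers accepted: "
              << (check_block(make_header_block(3, true), 100) == HeaderResult::Ok) << '\n';
    std::cout << "200 unterminated headers rejected: "
              << (check_block(make_header_block(200, false), 100) == HeaderResult::TooManyHeaders) << '\n';
    return 0;
}
```

The important property is ordering: the count and length checks happen before `out.emplace_back` and before `line` grows, so the reader's memory is bounded by `max_count * max_line` regardless of how long the client keeps sending. A server should also pair this with a read timeout so an idle connection holding a partially read block is closed rather than left allocated.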

Added: Jun 26, 2025, 3:35 PM
Updated: Jun 26, 2025, 3:35 PM

Vulnerability Rating

Custom Algorithm
spread: 6.2
impact: 2.5
exploitability: 9.5
remediation: 7.7
relevance: 0.2
threat: 6.4
urgency: 2.9
incentive: 10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.