fix(aws-lambda): handle invalid header names in request processing (#4883)

* fix(aws-lambda): handle invalid header names in request processing

Co-authored-by: Taku Amano <taku@taaas.jp>

* ci: apply automated fixes

---------

Co-authored-by: Taku Amano <taku@taaas.jp>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>

Author: 3 people

src/adapter/aws-lambda/handler.test.ts

@@ -1,5 +1,11 @@
+import { Hono } from '../../hono'
 import type { LambdaEvent, LatticeProxyEventV2 } from './handler'
-import { getProcessor, isContentEncodingBinary, defaultIsContentTypeBinary } from './handler'
+import {
+  getProcessor,
+  handle,
+  isContentEncodingBinary,
+  defaultIsContentTypeBinary,
+} from './handler'
 
 // Base event objects to reduce duplication
 const baseV1Event: LambdaEvent = {
@@ -360,3 +366,53 @@ describe('EventProcessor.createRequest', () => {
     })
   })
 })
+
+describe('handle', () => {
+  it('Should return 400 when request contains invalid header names (v2)', async () => {
+    const app = new Hono()
+    app.get('/my/path', (c) => c.text('Hello'))
+    const handler = handle(app)
+
+    const event: LambdaEvent = {
+      ...baseV2Event,
+      headers: {
+        'valid-header': 'value',
+        'a"a': 'invalid header name',
+      },
+      requestContext: {
+        ...baseV2Event.requestContext,
+        http: {
+          method: 'GET',
+          path: '/my/path',
+          protocol: 'HTTP/1.1',
+          sourceIp: '192.0.2.1',
+          userAgent: 'agent',
+        },
+      },
+    }
+
+    const result = await handler(event)
+    expect(result.statusCode).toBe(400)
+    expect(result.body).toBe('Invalid request')
+  })
+
+  it('Should return 400 when request contains invalid header names (v1)', async () => {
+    const app = new Hono()
+    app.get('/my/path', (c) => c.text('Hello'))
+    const handler = handle(app)
+
+    const event: LambdaEvent = {
+      ...baseV1Event,
+      headers: {
+        'a"a': 'invalid header name',
+      },
+      multiValueHeaders: {
+        'a"a': ['invalid header name'],
+      },
+    }
+
+    const result = await handler(event)
+    expect(result.statusCode).toBe(400)
+    expect(result.body).toBe('Invalid request')
+  })
+})

src/adapter/aws-lambda/handler.ts

@@ -252,8 +252,18 @@ export const handle = <E extends Env = Env, S extends Schema = {}, BasePath exte
   return async (event, lambdaContext?) => {
     const processor = getProcessor(event)
 
-    const req = processor.createRequest(event)
-    const requestContext = getRequestContext(event)
+    let req, requestContext
+    try {
+      req = processor.createRequest(event)
+      requestContext = getRequestContext(event)
+    } catch (error) {
+      console.error('Error processing request:', error)
+      const errorResponse =
+        error instanceof TypeError
+          ? new Response('Invalid request', { status: 400 })
+          : new Response('Internal Server Error', { status: 500 })
+      return processor.createResult(event, errorResponse, { isContentTypeBinary })
+    }
 
     const res = await app.fetch(req, {
       event,