summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDavid Kalnischkies <david@kalnischkies.de>2017-07-24 09:45:51 +0200
committerDavid Kalnischkies <david@kalnischkies.de>2017-07-26 19:07:56 +0200
commit1c5f13d489688e5fbbcdd3d0d2dd766769639939 (patch)
tree3f8760cd7ee2939a20339c3cda6795f4b9bdf2a0
parent8df85a4fb91bed6c79a3cb9c2000881cc5b42ea7 (diff)
don't try to parse all fields starting with HTTP as status-line
It is highly unlikely to encounter fields which start with HTTP in practice, but we should really be a bit more restrictive here.
Diffstat
-rw-r--r--methods/basehttp.cc2
-rwxr-xr-xtest/integration/test-bug-778375-server-has-no-reason-phrase2
2 files changed, 3 insertions, 1 deletions
diff --git a/methods/basehttp.cc b/methods/basehttp.cc
index c3d570c83..47dabf960 100644
--- a/methods/basehttp.cc
+++ b/methods/basehttp.cc
@@ -85,7 +85,7 @@ bool RequestState::HeaderLine(string const &Line) /*{{{*/
if (Line.empty() == true)
return true;
- if (Line.size() > 4 && stringcasecmp(Line.data(), Line.data()+4, "HTTP") == 0)
+ if (Result == 0 && Line.size() > 4 && stringcasecmp(Line.data(), Line.data() + 4, "HTTP") == 0)
{
// Evil servers return no version
if (Line[4] == '/')
diff --git a/test/integration/test-bug-778375-server-has-no-reason-phrase b/test/integration/test-bug-778375-server-has-no-reason-phrase
index 28e31e069..e04f4850f 100755
--- a/test/integration/test-bug-778375-server-has-no-reason-phrase
+++ b/test/integration/test-bug-778375-server-has-no-reason-phrase
@@ -12,6 +12,8 @@ changetohttpswebserver -o 'aptwebserver::redirect::replace::/redirectme/=/' \
-o 'aptwebserver::httpcode::200=200' -o 'aptwebserver::httpcode::404=404' \
-o 'aptwebserver::httpcode::301=301'
webserverconfig 'aptwebserver::empty-response-header::' 'foobar'
+webserverconfig 'aptwebserver::response-header::HTTP-Trigger-Field' 'bug'
+webserverconfig 'aptwebserver::response-header::Httputter-Trigger-Field' 'bug'
testdownload() {
rm -f downfile
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-15 00:09:49 +0000