diff options
-rw-r--r-- | methods/server.cc | 35 | ||||
-rwxr-xr-x | test/integration/test-bug-778375-server-has-no-reason-phrase | 1 | ||||
-rw-r--r-- | test/interactive-helper/aptwebserver.cc | 3 |
3 files changed, 20 insertions, 19 deletions
diff --git a/methods/server.cc b/methods/server.cc index 2dc0b54b8..adc242538 100644 --- a/methods/server.cc +++ b/methods/server.cc @@ -102,25 +102,7 @@ bool ServerState::HeaderLine(string Line) if (Line.empty() == true) return true; - string::size_type Pos = Line.find(' '); - if (Pos == string::npos || Pos+1 > Line.length()) - { - // Blah, some servers use "connection:closes", evil. - Pos = Line.find(':'); - if (Pos == string::npos || Pos + 2 > Line.length()) - return _error->Error(_("Bad header line")); - Pos++; - } - - // Parse off any trailing spaces between the : and the next word. - string::size_type Pos2 = Pos; - while (Pos2 < Line.length() && isspace_ascii(Line[Pos2]) != 0) - Pos2++; - - string Tag = string(Line,0,Pos); - string Val = string(Line,Pos2); - - if (stringcasecmp(Tag.c_str(),Tag.c_str()+4,"HTTP") == 0) + if (Line.size() > 4 && stringcasecmp(Line.data(), Line.data()+4, "HTTP") == 0) { // Evil servers return no version if (Line[4] == '/') @@ -164,6 +146,21 @@ bool ServerState::HeaderLine(string Line) return true; } + // Blah, some servers use "connection:closes", evil. + // and some even send empty header fields… + string::size_type Pos = Line.find(':'); + if (Pos == string::npos) + return _error->Error(_("Bad header line")); + ++Pos; + + // Parse off any trailing spaces between the : and the next word. + string::size_type Pos2 = Pos; + while (Pos2 < Line.length() && isspace_ascii(Line[Pos2]) != 0) + Pos2++; + + string const Tag(Line,0,Pos); + string const Val(Line,Pos2); + if (stringcasecmp(Tag,"Content-Length:") == 0) { if (Encoding == Closes) diff --git a/test/integration/test-bug-778375-server-has-no-reason-phrase b/test/integration/test-bug-778375-server-has-no-reason-phrase index bce41235f..28e31e069 100755 --- a/test/integration/test-bug-778375-server-has-no-reason-phrase +++ b/test/integration/test-bug-778375-server-has-no-reason-phrase @@ -11,6 +11,7 @@ echo 'found' > aptarchive/working changetohttpswebserver -o 'aptwebserver::redirect::replace::/redirectme/=/' \ -o 'aptwebserver::httpcode::200=200' -o 'aptwebserver::httpcode::404=404' \ -o 'aptwebserver::httpcode::301=301' +webserverconfig 'aptwebserver::empty-response-header::' 'foobar' testdownload() { rm -f downfile diff --git a/test/interactive-helper/aptwebserver.cc b/test/interactive-helper/aptwebserver.cc index 3e91406ab..2c57877b4 100644 --- a/test/interactive-helper/aptwebserver.cc +++ b/test/interactive-helper/aptwebserver.cc @@ -122,6 +122,9 @@ static bool sendHead(int const client, int const httpcode, std::list<std::string _config->Set("APTWebserver::Last-Status-Code", httpcode); std::stringstream buffer; + auto const empties = _config->FindVector("aptwebserver::empty-response-header"); + for (auto && e: empties) + buffer << e << ":" << std::endl; _config->Dump(buffer, "aptwebserver::response-header", "%t: %v%n", false); std::vector<std::string> addheaders = VectorizeString(buffer.str(), '\n'); for (std::vector<std::string>::const_iterator h = addheaders.begin(); h != addheaders.end(); ++h) |