summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--methods/server.cc35
-rwxr-xr-xtest/integration/test-bug-778375-server-has-no-reason-phrase1
-rw-r--r--test/interactive-helper/aptwebserver.cc3
3 files changed, 20 insertions, 19 deletions
diff --git a/methods/server.cc b/methods/server.cc
index 0888617b1..3f0e88457 100644
--- a/methods/server.cc
+++ b/methods/server.cc
@@ -101,25 +101,7 @@ bool ServerState::HeaderLine(string Line)
if (Line.empty() == true)
return true;
- string::size_type Pos = Line.find(' ');
- if (Pos == string::npos || Pos+1 > Line.length())
- {
- // Blah, some servers use "connection:closes", evil.
- Pos = Line.find(':');
- if (Pos == string::npos || Pos + 2 > Line.length())
- return _error->Error(_("Bad header line"));
- Pos++;
- }
-
- // Parse off any trailing spaces between the : and the next word.
- string::size_type Pos2 = Pos;
- while (Pos2 < Line.length() && isspace_ascii(Line[Pos2]) != 0)
- Pos2++;
-
- string Tag = string(Line,0,Pos);
- string Val = string(Line,Pos2);
-
- if (stringcasecmp(Tag.c_str(),Tag.c_str()+4,"HTTP") == 0)
+ if (Line.size() > 4 && stringcasecmp(Line.data(), Line.data()+4, "HTTP") == 0)
{
// Evil servers return no version
if (Line[4] == '/')
@@ -163,6 +145,21 @@ bool ServerState::HeaderLine(string Line)
return true;
}
+ // Blah, some servers use "connection:closes", evil.
+ // and some even send empty header fields…
+ string::size_type Pos = Line.find(':');
+ if (Pos == string::npos)
+ return _error->Error(_("Bad header line"));
+ ++Pos;
+
+ // Parse off any trailing spaces between the : and the next word.
+ string::size_type Pos2 = Pos;
+ while (Pos2 < Line.length() && isspace_ascii(Line[Pos2]) != 0)
+ Pos2++;
+
+ string const Tag(Line,0,Pos);
+ string const Val(Line,Pos2);
+
if (stringcasecmp(Tag,"Content-Length:") == 0)
{
if (Encoding == Closes)
diff --git a/test/integration/test-bug-778375-server-has-no-reason-phrase b/test/integration/test-bug-778375-server-has-no-reason-phrase
index bce41235f..28e31e069 100755
--- a/test/integration/test-bug-778375-server-has-no-reason-phrase
+++ b/test/integration/test-bug-778375-server-has-no-reason-phrase
@@ -11,6 +11,7 @@ echo 'found' > aptarchive/working
changetohttpswebserver -o 'aptwebserver::redirect::replace::/redirectme/=/' \
-o 'aptwebserver::httpcode::200=200' -o 'aptwebserver::httpcode::404=404' \
-o 'aptwebserver::httpcode::301=301'
+webserverconfig 'aptwebserver::empty-response-header::' 'foobar'
testdownload() {
rm -f downfile
diff --git a/test/interactive-helper/aptwebserver.cc b/test/interactive-helper/aptwebserver.cc
index 817760ec3..c32f286b2 100644
--- a/test/interactive-helper/aptwebserver.cc
+++ b/test/interactive-helper/aptwebserver.cc
@@ -122,6 +122,9 @@ static bool sendHead(int const client, int const httpcode, std::list<std::string
_config->Set("APTWebserver::Last-Status-Code", httpcode);
std::stringstream buffer;
+ auto const empties = _config->FindVector("aptwebserver::empty-response-header");
+ for (auto && e: empties)
+ buffer << e << ":" << std::endl;
_config->Dump(buffer, "aptwebserver::response-header", "%t: %v%n", false);
std::vector<std::string> addheaders = VectorizeString(buffer.str(), '\n');
for (std::vector<std::string>::const_iterator h = addheaders.begin(); h != addheaders.end(); ++h)