summaryrefslogtreecommitdiff
path: root/usr.sbin/httpd
diff options
context:
space:
mode:
authorReyk Floeter <reyk@cvs.openbsd.org>2014-09-15 08:00:28 +0000
committerReyk Floeter <reyk@cvs.openbsd.org>2014-09-15 08:00:28 +0000
commit5629a228bd7273bd4c316900845625fb2e009db8 (patch)
tree1a91ed632a08ba82b55e2eaf4b153abd025200ba /usr.sbin/httpd
parentbface078307eda1b67c54a390debbb5617aa7819 (diff)
Make the HTTP version mandatory and abort if it is missing in the request.
Diffstat (limited to 'usr.sbin/httpd')
-rw-r--r--usr.sbin/httpd/server_http.c14
1 files changed, 8 insertions, 6 deletions
diff --git a/usr.sbin/httpd/server_http.c b/usr.sbin/httpd/server_http.c
index 1d0f29716d7..3735131b88f 100644
--- a/usr.sbin/httpd/server_http.c
+++ b/usr.sbin/httpd/server_http.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: server_http.c,v 1.49 2014/09/10 15:39:57 reyk Exp $ */
+/* $OpenBSD: server_http.c,v 1.50 2014/09/15 08:00:27 reyk Exp $ */
/*
* Copyright (c) 2006 - 2014 Reyk Floeter <reyk@openbsd.org>
@@ -229,18 +229,20 @@ server_read_http(struct bufferevent *bev, void *arg)
goto fail;
}
desc->http_version = strchr(desc->http_path, ' ');
- if (desc->http_version != NULL)
- *desc->http_version++ = '\0';
+ if (desc->http_version == NULL) {
+ free(line);
+ goto fail;
+ }
+ *desc->http_version++ = '\0';
desc->http_query = strchr(desc->http_path, '?');
if (desc->http_query != NULL)
*desc->http_query++ = '\0';
/*
* Have to allocate the strings because they could
- * be changed independetly by the filters later.
+ * be changed independently by the filters later.
*/
- if (desc->http_version != NULL &&
- (desc->http_version =
+ if ((desc->http_version =
strdup(desc->http_version)) == NULL) {
free(line);
goto fail;