diff options
author | Reyk Floeter <reyk@cvs.openbsd.org> | 2014-09-15 08:00:28 +0000 |
---|---|---|
committer | Reyk Floeter <reyk@cvs.openbsd.org> | 2014-09-15 08:00:28 +0000 |
commit | 5629a228bd7273bd4c316900845625fb2e009db8 (patch) | |
tree | 1a91ed632a08ba82b55e2eaf4b153abd025200ba /usr.sbin/httpd | |
parent | bface078307eda1b67c54a390debbb5617aa7819 (diff) |
Make the HTTP version mandatory and abort if it is missing in the request.
Diffstat (limited to 'usr.sbin/httpd')
-rw-r--r-- | usr.sbin/httpd/server_http.c | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/usr.sbin/httpd/server_http.c b/usr.sbin/httpd/server_http.c index 1d0f29716d7..3735131b88f 100644 --- a/usr.sbin/httpd/server_http.c +++ b/usr.sbin/httpd/server_http.c @@ -1,4 +1,4 @@ -/* $OpenBSD: server_http.c,v 1.49 2014/09/10 15:39:57 reyk Exp $ */ +/* $OpenBSD: server_http.c,v 1.50 2014/09/15 08:00:27 reyk Exp $ */ /* * Copyright (c) 2006 - 2014 Reyk Floeter <reyk@openbsd.org> @@ -229,18 +229,20 @@ server_read_http(struct bufferevent *bev, void *arg) goto fail; } desc->http_version = strchr(desc->http_path, ' '); - if (desc->http_version != NULL) - *desc->http_version++ = '\0'; + if (desc->http_version == NULL) { + free(line); + goto fail; + } + *desc->http_version++ = '\0'; desc->http_query = strchr(desc->http_path, '?'); if (desc->http_query != NULL) *desc->http_query++ = '\0'; /* * Have to allocate the strings because they could - * be changed independetly by the filters later. + * be changed independently by the filters later. */ - if (desc->http_version != NULL && - (desc->http_version = + if ((desc->http_version = strdup(desc->http_version)) == NULL) { free(line); goto fail; |