httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From wr...@apache.org
Subject svn commit: r1757593 - /httpd/httpd/trunk/server/protocol.c
Date Thu, 25 Aug 2016 02:45:18 GMT
Author: wrowe
Date: Thu Aug 25 02:45:18 2016
New Revision: 1757593

URL: http://svn.apache.org/viewvc?rev=1757593&view=rev
Log:

Also catch invalid spaces between the URI <> Protocol in StrictWhitespace mode.
(matching the test for the Method <> URI)


Modified:
    httpd/httpd/trunk/server/protocol.c

Modified: httpd/httpd/trunk/server/protocol.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/server/protocol.c?rev=1757593&r1=1757592&r2=1757593&view=diff
==============================================================================
--- httpd/httpd/trunk/server/protocol.c (original)
+++ httpd/httpd/trunk/server/protocol.c Thu Aug 25 02:45:18 2016
@@ -707,6 +707,12 @@ static int read_request_line(request_rec
         goto rrl_done;
     }
 
+    /* Verify uri terminated with a single SP, otherwise mark in error */
+    if (strictspaces && ll[0] && (ll[0] != ' ' || apr_isspace(ll[1]))
+            && deferred_error == rrl_none) {
+        deferred_error = rrl_excesswhitespace; 
+    }
+
     /* Advance protocol pointer over leading whitespace,
      * then NUL terminate the uri string
      */



Mime
View raw message