View | Details | Raw Unified | Return to bug 44995
Collapse All | Expand All

(-)modules/http/http_filters.c (-5 / +14 lines)
Lines 802-813 Link Here
802
{
802
{
803
    char *end;
803
    char *end;
804
    if (r->status_line
804
    if (r->status_line) {
805
        && (strlen(r->status_line) <= 4
805
        int len = strlen(r->status_line);
806
        if (len < 3
806
            || apr_strtoi64(r->status_line, &end, 10) != r->status
807
            || apr_strtoi64(r->status_line, &end, 10) != r->status
807
            || *end != ' '
808
            || (end - 3) != r->status_line
808
            || (end - 3) != r->status_line)) {
809
            || (len >= 4 && ! apr_isspace(r->status_line[3]))) {
809
        r->status_line = NULL;
810
            r->status_line = NULL;
811
        }
812
        /* Since we passed the above check, we know that length three
813
         * is equivalent to only a 3 digit numeric http status.
814
         * RFC2616 mandates a trailing space, let's add it.
815
         */
816
        else if (len == 3) {
817
            r->status_line = apr_pstrcat(r->pool, r->status_line, " ");
818
        }
810
    }
819
    }
811
}
820
}

Return to bug 44995