summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorValentin Bartenev <vbart@nginx.com>2018-01-24 15:02:56 +0300
committerValentin Bartenev <vbart@nginx.com>2018-01-24 15:02:56 +0300
commit477e8177b70acb694759e62d830b8a311a736324 (patch)
tree1e0ca9e93a37daa3110dcd3baa862c604019cdd2
parent7e3480b04640ba94a0a94aa95fd9ee5188732b22 (diff)
downloadunit-477e8177b70acb694759e62d830b8a311a736324.tar.gz
unit-477e8177b70acb694759e62d830b8a311a736324.tar.bz2
HTTP parser: restricting control chars in header fields values.
This also fixes an infinite loop here (found with honggfuzz).
Diffstat (limited to '')
-rw-r--r--src/nxt_http_parse.c4
1 files changed, 1 insertions, 3 deletions
diff --git a/src/nxt_http_parse.c b/src/nxt_http_parse.c
index 975fdd98..7393e19e 100644
--- a/src/nxt_http_parse.c
+++ b/src/nxt_http_parse.c
@@ -650,9 +650,7 @@ nxt_http_parse_field_value(nxt_http_request_parse_t *rp, u_char **pos,
break;
}
- if (ch == '\0') {
- return NXT_HTTP_PARSE_INVALID;
- }
+ return NXT_HTTP_PARSE_INVALID;
}
if (nxt_fast_path(p != *pos)) {