On Fri, Dec 2, 2016 at 6:26 PM, William A Rowe Jr <wr...@rowe-clan.net> wrote:
> FWIW, did you actually fix this on truck and convey the backport > svn rev no? > I see you sort-of have... please convey the svn commit r1772418 to your branch commit --revprop svn:log history, and I think we are all good. > On Fri, Dec 2, 2016 at 6:25 PM, William A Rowe Jr <wr...@rowe-clan.net> > wrote: > >> That is code I'm less familiar with, but will give it careful scrutiny >> tomorrow. >> >> >> On Fri, Dec 2, 2016 at 6:12 PM, Eric Covener <cove...@gmail.com> wrote: >> >>> probably wiser ways to fix but I didn't want to sit on it. >>> >>> On Fri, Dec 2, 2016 at 7:10 PM, <cove...@apache.org> wrote: >>> > Author: covener >>> > Date: Sat Dec 3 00:10:31 2016 >>> > New Revision: 1772418 >>> > >>> > URL: http://svn.apache.org/viewvc?rev=1772418&view=rev >>> > Log: >>> > loop in checking response headers >>> > >>> > w/ HTTPProtocolOptions Unsafe >>> > >>> > Modified: >>> > httpd/httpd/trunk/modules/http/http_filters.c >>> > >>> > Modified: httpd/httpd/trunk/modules/http/http_filters.c >>> > URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/http/ >>> http_filters.c?rev=1772418&r1=1772417&r2=1772418&view=diff >>> > ============================================================ >>> ================== >>> > --- httpd/httpd/trunk/modules/http/http_filters.c (original) >>> > +++ httpd/httpd/trunk/modules/http/http_filters.c Sat Dec 3 00:10:31 >>> 2016 >>> > @@ -667,6 +667,7 @@ static int check_header(void *arg, const >>> > /* Simply terminate scanning on a CTL char, allowing >>> whitespace */ >>> > test = val; >>> > do { >>> > + while (*test == ' ' || *test == '\t') test++; >>> > test = ap_scan_vchar_obstext(test); >>> > } while (*test == ' ' || *test == '\t'); >>> > } >>> > >>> > >>> >>> >>> >>> -- >>> Eric Covener >>> cove...@gmail.com >>> >> >> >