On Wed, Jun 28, 2017 at 4:33 AM, <[email protected]> wrote:
> Author: wrowe
> Date: Wed Jun 28 02:33:29 2017
> New Revision: 1800111
>
> URL: http://svn.apache.org/viewvc?rev=1800111&view=rev
> Log:
> Appears to resolve the issue to permit single-char fieldnames; PR61220
>
> Modified:
> httpd/httpd/trunk/server/protocol.c
>
> Modified: httpd/httpd/trunk/server/protocol.c
> URL:
> http://svn.apache.org/viewvc/httpd/httpd/trunk/server/protocol.c?rev=1800111&r1=1800110&r2=1800111&view=diff
> ==============================================================================
> --- httpd/httpd/trunk/server/protocol.c (original)
> +++ httpd/httpd/trunk/server/protocol.c Wed Jun 28 02:33:29 2017
> @@ -1111,7 +1111,7 @@ AP_DECLARE(void) ap_get_mime_headers_cor
> return;
> }
>
> - if (tmp_field == last_field) {
> + if (tmp_field == last_field && !*last_field) {
> r->status = HTTP_BAD_REQUEST;
> ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
> APLOGNO(03453)
> "Request header field name was empty");
>
Looks like the code after the patch below would be simpler and work too :
Index: server/protocol.c
===================================================================
--- server/protocol.c (revision 1800151)
+++ server/protocol.c (working copy)
@@ -1081,8 +1081,12 @@ AP_DECLARE(void) ap_get_mime_headers_core(request_
return;
}
- /* last character of field-name */
- tmp_field = value - (value > last_field ? 1 : 0);
+ if (value == last_field) {
+ r->status = HTTP_BAD_REQUEST;
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
+ "Request header field name was empty");
+ return;
+ }
*value++ = '\0'; /* NUL-terminate at colon */
@@ -1105,13 +1109,6 @@ AP_DECLARE(void) ap_get_mime_headers_core(request_
" bad whitespace");
return;
}
-
- if (tmp_field == last_field) {
- r->status = HTTP_BAD_REQUEST;
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
- "Request header field name was empty");
- return;
- }
}
else /* Using strict RFC7230 parsing */
{
_
