[git commit] httpd: skip "Status: " from CGI, including space. Closes 10291
Denys Vlasenko
vda.linux at googlemail.com
Fri Sep 1 15:06:12 UTC 2017
commit: https://git.busybox.net/busybox/commit/?id=94aaf4b5d3c649a281299aedba08ce1939780fb4
branch: https://git.busybox.net/busybox/commit/?id=refs/heads/master
Signed-off-by: Denys Vlasenko <vda.linux at googlemail.com>
---
networking/httpd.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/networking/httpd.c b/networking/httpd.c
index 9369de8..c823835 100644
--- a/networking/httpd.c
+++ b/networking/httpd.c
@@ -1371,12 +1371,13 @@ static NOINLINE void cgi_io_loop_and_exit(int fromCgi_rd, int toCgi_wr, int post
out_cnt += count;
count = 0;
/* "Status" header format is: "Status: 302 Redirected\r\n" */
- if (out_cnt >= 7 && memcmp(rbuf, "Status:", 7) == 0) {
+ if (out_cnt >= 8 && memcmp(rbuf, "Status: ", 8) == 0) {
/* send "HTTP/1.0 " */
if (full_write(STDOUT_FILENO, HTTP_200, 9) != 9)
break;
- rbuf += 7; /* skip "Status:" */
- count = out_cnt - 7;
+ /* skip "Status: " (including space, sending "HTTP/1.0 NNN" is wrong) */
+ rbuf += 8;
+ count = out_cnt - 8;
out_cnt = -1; /* buffering off */
} else if (out_cnt >= 4) {
/* Did CGI add "HTTP"? */
More information about the busybox-cvs
mailing list