diff options
| author | Denys Vlasenko | 2017-09-01 17:06:12 +0200 |
|---|---|---|
| committer | Denys Vlasenko | 2017-09-01 17:06:12 +0200 |
| commit | 94aaf4b5d3c649a281299aedba08ce1939780fb4 (patch) | |
| tree | 8320cc26d31a1ad2975e3728ddb3b1f2703c9591 | |
| parent | e39da802dd6d3ccfb95865139f98b184db0e175b (diff) | |
| download | busybox-94aaf4b5d3c649a281299aedba08ce1939780fb4.zip busybox-94aaf4b5d3c649a281299aedba08ce1939780fb4.tar.gz | |
httpd: skip "Status: " from CGI, including space. Closes 10291
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| -rw-r--r-- | networking/httpd.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/networking/httpd.c b/networking/httpd.c index 9369de8..c823835 100644 --- a/networking/httpd.c +++ b/networking/httpd.c @@ -1371,12 +1371,13 @@ static NOINLINE void cgi_io_loop_and_exit(int fromCgi_rd, int toCgi_wr, int post out_cnt += count; count = 0; /* "Status" header format is: "Status: 302 Redirected\r\n" */ - if (out_cnt >= 7 && memcmp(rbuf, "Status:", 7) == 0) { + if (out_cnt >= 8 && memcmp(rbuf, "Status: ", 8) == 0) { /* send "HTTP/1.0 " */ if (full_write(STDOUT_FILENO, HTTP_200, 9) != 9) break; - rbuf += 7; /* skip "Status:" */ - count = out_cnt - 7; + /* skip "Status: " (including space, sending "HTTP/1.0 NNN" is wrong) */ + rbuf += 8; + count = out_cnt - 8; out_cnt = -1; /* buffering off */ } else if (out_cnt >= 4) { /* Did CGI add "HTTP"? */ |