aboutsummaryrefslogtreecommitdiffstats
path: root/buckets/response_buckets.c
diff options
context:
space:
mode:
Diffstat (limited to 'buckets/response_buckets.c')
-rw-r--r--buckets/response_buckets.c39
1 files changed, 27 insertions, 12 deletions
diff --git a/buckets/response_buckets.c b/buckets/response_buckets.c
index 39518bbd856e..eb72ef9906f6 100644
--- a/buckets/response_buckets.c
+++ b/buckets/response_buckets.c
@@ -1,16 +1,21 @@
-/* Copyright 2002-2004 Justin Erenkrantz and Greg Stein
+/* ====================================================================
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * http://www.apache.org/licenses/LICENSE-2.0
*
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ * ====================================================================
*/
#include <apr_lib.h>
@@ -128,7 +133,17 @@ static apr_status_t parse_status_line(response_context_t *ctx,
int res;
char *reason; /* ### stupid APR interface makes this non-const */
- /* ctx->linebuf.line should be of form: HTTP/1.1 200 OK */
+ /* Ensure a valid length, to avoid overflow on the final '\0' */
+ if (ctx->linebuf.used >= SERF_LINEBUF_LIMIT) {
+ return SERF_ERROR_BAD_HTTP_RESPONSE;
+ }
+
+ /* apr_date_checkmask assumes its arguments are valid C strings */
+ ctx->linebuf.line[ctx->linebuf.used] = '\0';
+
+ /* ctx->linebuf.line should be of form: 'HTTP/1.1 200 OK',
+ but we also explicitly allow the forms 'HTTP/1.1 200' (no reason)
+ and 'HTTP/1.1 401.1 Logon failed' (iis extended error codes) */
res = apr_date_checkmask(ctx->linebuf.line, "HTTP/#.# ###*");
if (!res) {
/* Not an HTTP response? Well, at least we won't understand it. */