Hi, Attached is the diff for my lighttpd 1.4.15-1.1 NMU.
diff -u lighttpd-1.4.15/debian/changelog lighttpd-1.4.15/debian/changelog
--- lighttpd-1.4.15/debian/changelog
+++ lighttpd-1.4.15/debian/changelog
@@ -1,3 +1,11 @@
+lighttpd (1.4.15-1.1) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * add patches/04_wrapping_headers_bugfix.dpatch to fix crash with wrapping
+ headers (Closes: 428368).
+
+ -- Pierre Habouzit <[EMAIL PROTECTED]> Fri, 20 Jul 2007 11:04:07 +0200
+
lighttpd (1.4.15-1) unstable; urgency=low
* New upstream release (closes: #419131)
diff -u lighttpd-1.4.15/debian/patches/00list
lighttpd-1.4.15/debian/patches/00list
--- lighttpd-1.4.15/debian/patches/00list
+++ lighttpd-1.4.15/debian/patches/00list
@@ -2,0 +3 @@
+04_wrapping_headers_bugfix.dpatch
only in patch2:
unchanged:
--- lighttpd-1.4.15.orig/debian/patches/04_wrapping_headers_bugfix.dpatch
+++ lighttpd-1.4.15/debian/patches/04_wrapping_headers_bugfix.dpatch
@@ -0,0 +1,127 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 04_wrapping_headers_bugfix.dpatch by Pierre Habouzit <[EMAIL PROTECTED]>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: No description.
+
[EMAIL PROTECTED]@
+diff -urNad lighttpd-1.4.15~/src/request.c lighttpd-1.4.15/src/request.c
+--- lighttpd-1.4.15~/src/request.c 2007-04-13 17:26:31.000000000 +0200
++++ lighttpd-1.4.15/src/request.c 2007-07-20 11:03:12.000000000 +0200
+@@ -284,8 +284,6 @@
+
+ int done = 0;
+
+- data_string *ds = NULL;
+-
+ /*
+ * Request: "^(GET|POST|HEAD) ([^ ]+(\\?[^ ]+|)) (HTTP/1\\.[01])$"
+ * Option : "^([-a-zA-Z]+): (.+)$"
+@@ -715,12 +713,24 @@
+ switch(*cur) {
+ case '\r':
+ if (con->parse_request->ptr[i+1] == '\n') {
++ data_string *ds = NULL;
++
+ /* End of Headerline */
+ con->parse_request->ptr[i] = '\0';
+ con->parse_request->ptr[i+1] = '\0';
+
+ if (in_folding) {
+- if (!ds) {
++ buffer *key_b;
++ /**
++ * we use a evil hack to handle
the line-folding
++ *
++ * As array_insert_unique()
deletes 'ds' in the case of a duplicate
++ * ds points somewhere and we
get a evil crash. As a solution we keep the old
++ * "key" and get the current
value from the hash and append us
++ *
++ * */
++
++ if (!key || !key_len) {
+ /* 400 */
+
+ if
(srv->srvconf.log_request_header_on_error) {
+@@ -737,7 +747,15 @@
+
con->response.keep_alive = 0;
+ return 0;
+ }
+- buffer_append_string(ds->value,
value);
++
++ key_b = buffer_init();
++ buffer_copy_string_len(key_b,
key, key_len);
++
++ if (NULL != (ds = (data_string
*)array_get_element(con->request.headers, key_b->ptr))) {
++
buffer_append_string(ds->value, value);
++ }
++
++ buffer_free(key_b);
+ } else {
+ int s_len;
+ key = con->parse_request->ptr +
first;
+@@ -969,7 +987,12 @@
+ first = i+1;
+ is_key = 1;
+ value = 0;
+- key_len = 0;
++#if 0
++ /**
++ * for Bug 1230 keep the key_len a live
++ */
++ key_len = 0;
++#endif
+ in_folding = 0;
+ } else {
+ if
(srv->srvconf.log_request_header_on_error) {
+diff -urNad lighttpd-1.4.15~/tests/core-request.t
lighttpd-1.4.15/tests/core-request.t
+--- lighttpd-1.4.15~/tests/core-request.t 2007-02-08 17:34:47.000000000
+0100
++++ lighttpd-1.4.15/tests/core-request.t 2007-07-20 11:03:12.000000000
+0200
+@@ -8,7 +8,7 @@
+
+ use strict;
+ use IO::Socket;
+-use Test::More tests => 33;
++use Test::More tests => 36;
+ use LightyTest;
+
+ my $tf = LightyTest->new();
+@@ -273,6 +273,38 @@
+ $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
+ ok($tf->handle_http($t) == 0, 'uppercase filenames');
+
++$t->{REQUEST} = ( <<EOF
++GET / HTTP/1.0
++Location: foo
++Location: foobar
++ baz
++EOF
++ );
++$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
++ok($tf->handle_http($t) == 0, '#1209 - duplicate headers with line-wrapping');
++
++$t->{REQUEST} = ( <<EOF
++GET / HTTP/1.0
++Location:
++Location: foobar
++ baz
++EOF
++ );
++$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
++ok($tf->handle_http($t) == 0, '#1209 - duplicate headers with line-wrapping -
test 2');
++
++$t->{REQUEST} = ( <<EOF
++GET / HTTP/1.0
++A:
++Location: foobar
++ baz
++EOF
++ );
++$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
++ok($tf->handle_http($t) == 0, '#1209 - duplicate headers with line-wrapping -
test 3');
++
++
++
+
+ ok($tf->stop_proc == 0, "Stopping lighttpd");
+
pgpkzVI7tBlkx.pgp
Description: PGP signature
