On Wed, Jun 28, 2017 at 4:33 AM, wrote:
> Author: wrowe
> Date: Wed Jun 28 02:33:29 2017
> New Revision: 1800111
>
> URL: http://svn.apache.org/viewvc?rev=1800111=rev
> Log:
> Appears to resolve the issue to permit single-char fieldnames; PR61220
>
> Modified:
> httpd/httpd/trunk/server/protocol.c
>
> Modified: httpd/httpd/trunk/server/protocol.c
> URL:
> http://svn.apache.org/viewvc/httpd/httpd/trunk/server/protocol.c?rev=1800111=1800110=1800111=diff
> ==
> --- httpd/httpd/trunk/server/protocol.c (original)
> +++ httpd/httpd/trunk/server/protocol.c Wed Jun 28 02:33:29 2017
> @@ -,7 +,7 @@ AP_DECLARE(void) ap_get_mime_headers_cor
> return;
> }
>
> -if (tmp_field == last_field) {
> +if (tmp_field == last_field && !*last_field) {
> r->status = HTTP_BAD_REQUEST;
> ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
> APLOGNO(03453)
>"Request header field name was empty");
>
Looks like the code after the patch below would be simpler and work too :
Index: server/protocol.c
===
--- server/protocol.c(revision 1800151)
+++ server/protocol.c(working copy)
@@ -1081,8 +1081,12 @@ AP_DECLARE(void) ap_get_mime_headers_core(request_
return;
}
-/* last character of field-name */
-tmp_field = value - (value > last_field ? 1 : 0);
+if (value == last_field) {
+r->status = HTTP_BAD_REQUEST;
+ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
+ "Request header field name was empty");
+return;
+}
*value++ = '\0'; /* NUL-terminate at colon */
@@ -1105,13 +1109,6 @@ AP_DECLARE(void) ap_get_mime_headers_core(request_
" bad whitespace");
return;
}
-
-if (tmp_field == last_field) {
-r->status = HTTP_BAD_REQUEST;
-ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
- "Request header field name was empty");
-return;
-}
}
else /* Using strict RFC7230 parsing */
{
_