29 lines
934 B
Diff
29 lines
934 B
Diff
From 5d87635c66aaa01bdf95f6b093b66c3d2768b696 Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de>
|
|
Date: Mon, 25 Mar 2019 16:05:47 +0100
|
|
Subject: [PATCH 82/83] Fix corner case in processing server response
|
|
|
|
* src/http.c (response_head_terminator): Don't access uninitialized data
|
|
* fuzz/wget_read_hunk_fuzzer.c: Sync response_head_terminator()
|
|
---
|
|
fuzz/wget_read_hunk_fuzzer.c | 2 +-
|
|
src/http.c | 2 +-
|
|
2 files changed, 2 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/src/http.c b/src/http.c
|
|
index 304a2f86..289d1101 100644
|
|
--- a/src/http.c
|
|
+++ b/src/http.c
|
|
@@ -553,7 +553,7 @@ response_head_terminator (const char *start, const char *peeked, int peeklen)
|
|
return p + 2;
|
|
}
|
|
/* p==end-2: check for \n\n directly preceding END. */
|
|
- if (p[0] == '\n' && p[1] == '\n')
|
|
+ if (peeklen >= 2 && p[0] == '\n' && p[1] == '\n')
|
|
return p + 2;
|
|
|
|
return NULL;
|
|
--
|
|
2.19.1
|
|
|