From: Catalin Patulea <catalinp@google.com>
Date: Tue, 10 Jan 2012 23:33:58 +0000 (-0500)
Subject: Force strict validation of HTTP version in response.
X-Git-Tag: release-2.0.17-stable~20
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=790f6b3b10462db3e7581eff1355b1de9950d514;p=libevent

Force strict validation of HTTP version in response.

This sometimes accepted invalid versions like 'ICY' (n = 0, major = undefined, sometimes > 1).
---

diff --git a/http.c b/http.c
index 8676c89b..a234187a 100644
--- a/http.c
+++ b/http.c
@@ -1469,7 +1469,7 @@ evhttp_parse_http_version(const char *version, struct evhttp_request *req)
 	int major, minor;
 	char ch;
 	int n = sscanf(version, "HTTP/%d.%d%c", &major, &minor, &ch);
-	if (n > 2 || major > 1) {
+	if (n != 2 || major > 1) {
 		event_debug(("%s: bad version %s on message %p from %s",
 			__func__, version, req, req->remote_host));
 		return (-1);