From 790f6b3b10462db3e7581eff1355b1de9950d514 Mon Sep 17 00:00:00 2001 From: Catalin Patulea Date: Tue, 10 Jan 2012 18:33:58 -0500 Subject: [PATCH] Force strict validation of HTTP version in response. This sometimes accepted invalid versions like 'ICY' (n = 0, major = undefined, sometimes > 1). --- http.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/http.c b/http.c index 8676c89b..a234187a 100644 --- a/http.c +++ b/http.c @@ -1469,7 +1469,7 @@ evhttp_parse_http_version(const char *version, struct evhttp_request *req) int major, minor; char ch; int n = sscanf(version, "HTTP/%d.%d%c", &major, &minor, &ch); - if (n > 2 || major > 1) { + if (n != 2 || major > 1) { event_debug(("%s: bad version %s on message %p from %s", __func__, version, req, req->remote_host)); return (-1); -- 2.40.0