File apache2-CVE-2016-8743-2.patch of Package apache2.18661
--- a/server/protocol.c 2017/06/28 23:30:15 1800214
+++ b/server/protocol.c 2017/06/29 00:16:27 1800215
@@ -1088,8 +1088,12 @@
return;
}
- /* last character of field-name */
- tmp_field = value - (value > last_field ? 1 : 0);
+ if (value == last_field) {
+ r->status = HTTP_BAD_REQUEST;
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(03453)
+ "Request header field name was empty");
+ return;
+ }
*value++ = '\0'; /* NUL-terminate at colon */
@@ -1112,13 +1116,6 @@
" bad whitespace");
return;
}
-
- if (tmp_field == last_field) {
- r->status = HTTP_BAD_REQUEST;
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(03453)
- "Request header field name was empty");
- return;
- }
}
else /* Using strict RFC7230 parsing */
{