File apache2-CVE-2016-8743-2.patch of Package apache2.18661

--- a/server/protocol.c	2017/06/28 23:30:15	1800214
+++ b/server/protocol.c	2017/06/29 00:16:27	1800215
@@ -1088,8 +1088,12 @@
                     return;
                 }
 
-                /* last character of field-name */
-                tmp_field = value - (value > last_field ? 1 : 0);
+                if (value == last_field) {
+                    r->status = HTTP_BAD_REQUEST;
+                    ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(03453)
+                                  "Request header field name was empty");
+                    return;
+                }
 
                 *value++ = '\0'; /* NUL-terminate at colon */
 
@@ -1112,13 +1116,6 @@
                                   " bad whitespace");
                     return;
                 }
-
-                if (tmp_field == last_field) {
-                    r->status = HTTP_BAD_REQUEST;
-                    ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(03453)
-                                  "Request header field name was empty");
-                    return;
-                }
             }
             else /* Using strict RFC7230 parsing */
             {


openSUSE Build Service is sponsored by