File lighttpd-1.4.x_out_of_bounds_read.patch of Package lighttpd

Index: lighttpd-1.4.35/src/mod_scgi.c
===================================================================
--- lighttpd-1.4.35.orig/src/mod_scgi.c	2017-03-09 14:44:50.146786080 +0100
+++ lighttpd-1.4.35/src/mod_scgi.c	2017-03-09 14:46:11.518863947 +0100
@@ -1871,7 +1871,7 @@ static int scgi_demux_response(server *s
 
 					if (eol == EOL_UNSET) eol = EOL_N;
 
-					if (*(c+1) == '\n') {
+					if ((used > 1) && (*(c+1) == '\n')) {
 						header_end = 1;
 						hlen = cp + 2;
 						break;