aboutsummaryrefslogtreecommitdiff
path: root/src/microhttpd/connection.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/microhttpd/connection.c')
-rw-r--r--src/microhttpd/connection.c22
1 files changed, 14 insertions, 8 deletions
diff --git a/src/microhttpd/connection.c b/src/microhttpd/connection.c
index 19d1c699..960c22db 100644
--- a/src/microhttpd/connection.c
+++ b/src/microhttpd/connection.c
@@ -3183,8 +3183,14 @@ parse_cookie_header (struct MHD_Connection *connection)
3183 3183
3184#endif /* COOKIE_SUPPORT */ 3184#endif /* COOKIE_SUPPORT */
3185 3185
3186
3187/**
3188 * The valid length of any HTTP version string
3189 */
3190#define HTTP_VER_LEN (MHD_STATICSTR_LEN_(MHD_HTTP_VERSION_1_1))
3191
3186/** 3192/**
3187 * Detect HTTP version 3193 * Detect HTTP version, send error response if version is not supported
3188 * 3194 *
3189 * @param connection the connection 3195 * @param connection the connection
3190 * @param http_string the pointer to HTTP version string 3196 * @param http_string the pointer to HTTP version string
@@ -3201,13 +3207,13 @@ parse_http_version (struct MHD_Connection *connection,
3201 mhd_assert (NULL != http_string); 3207 mhd_assert (NULL != http_string);
3202 3208
3203 /* String must start with 'HTTP/d.d', case-sensetive match. 3209 /* String must start with 'HTTP/d.d', case-sensetive match.
3204 * See https://datatracker.ietf.org/doc/html/rfc7230#section-2.6 */ 3210 * See https://www.rfc-editor.org/rfc/rfc9112#name-http-version */
3205 if ((len != 8) || 3211 if ((HTTP_VER_LEN != len) ||
3206 (h[0] != 'H') || (h[1] != 'T') || (h[2] != 'T') || (h[3] != 'P') || 3212 ('H' != h[0] ) || ('T' != h[1]) || ('T' != h[2]) || ('P' != h[3]) ||
3207 (h[4] != '/') 3213 ('/' != h[4])
3208 || (h[6] != '.') || 3214 || ('.' != h[6]) ||
3209 ((h[5] < '0') || (h[5] > '9')) || 3215 (('0' > h[5]) || ('9' < h[5])) ||
3210 ((h[7] < '0') || (h[7] > '9'))) 3216 (('0' > h[7]) || ('9' < h[7])))
3211 { 3217 {
3212 connection->rq.http_ver = MHD_HTTP_VER_INVALID; 3218 connection->rq.http_ver = MHD_HTTP_VER_INVALID;
3213 transmit_error_response_static (connection, 3219 transmit_error_response_static (connection,