| https://github.com/curl/curl/commit/beb8990d934a01acf103871e463d4e61afc9ded2 |
| |
| From: Daniel Stenberg <daniel@haxx.se> |
| Date: Fri, 17 Sep 2021 16:31:25 +0200 |
| Subject: [PATCH] http: fix the broken >3 digit response code detection |
| |
| When the "reason phrase" in the HTTP status line starts with a digit, |
| that was treated as the forth response code digit and curl would claim |
| the response to be non-compliant. |
| |
| Added test 1466 to verify this case. |
| |
| Regression brought by 5dc594e44f73b17 |
| Reported-by: Glenn de boer |
| Fixes #7738 |
| Closes #7739 |
| --- a/lib/http.c |
| +++ b/lib/http.c |
| @@ -4232,9 +4232,9 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy *data, |
| char separator; |
| char twoorthree[2]; |
| int httpversion = 0; |
| - int digit4 = -1; /* should remain untouched to be good */ |
| + char digit4 = 0; |
| nc = sscanf(HEADER1, |
| - " HTTP/%1d.%1d%c%3d%1d", |
| + " HTTP/%1d.%1d%c%3d%c", |
| &httpversion_major, |
| &httpversion, |
| &separator, |
| @@ -4250,13 +4250,13 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy *data, |
| |
| /* There can only be a 4th response code digit stored in 'digit4' if |
| all the other fields were parsed and stored first, so nc is 5 when |
| - digit4 is not -1 */ |
| - else if(digit4 != -1) { |
| + digit4 a digit */ |
| + else if(ISDIGIT(digit4)) { |
| failf(data, "Unsupported response code in HTTP response"); |
| return CURLE_UNSUPPORTED_PROTOCOL; |
| } |
| |
| - if((nc == 4) && (' ' == separator)) { |
| + if((nc >= 4) && (' ' == separator)) { |
| httpversion += 10 * httpversion_major; |
| switch(httpversion) { |
| case 10: |
