diff options
Diffstat (limited to 'src/http/ngx_http_parse.c')
| -rw-r--r-- | src/http/ngx_http_parse.c | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/src/http/ngx_http_parse.c b/src/http/ngx_http_parse.c index 9f9947316..36220fdc1 100644 --- a/src/http/ngx_http_parse.c +++ b/src/http/ngx_http_parse.c @@ -723,6 +723,11 @@ ngx_http_parse_request_line(ngx_http_request_t *r, ngx_buf_t *b) } r->http_major = ch - '0'; + + if (r->http_major > 1) { + return NGX_HTTP_PARSE_INVALID_VERSION; + } + state = sw_major_digit; break; @@ -737,11 +742,12 @@ ngx_http_parse_request_line(ngx_http_request_t *r, ngx_buf_t *b) return NGX_HTTP_PARSE_INVALID_REQUEST; } - if (r->http_major > 99) { - return NGX_HTTP_PARSE_INVALID_REQUEST; + r->http_major = r->http_major * 10 + ch - '0'; + + if (r->http_major > 1) { + return NGX_HTTP_PARSE_INVALID_VERSION; } - r->http_major = r->http_major * 10 + ch - '0'; break; /* first digit of minor HTTP version */ |