![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 0dc4801)
raw | patch | inline | side by side (parent: 0dc4801)
| author | Holger Weiss <hweiss@users.sourceforge.net> | |
| Fri, 15 Jun 2007 18:37:13 +0000 (18:37 +0000) | ||
| committer | Holger Weiss <hweiss@users.sourceforge.net> | |
| Fri, 15 Jun 2007 18:37:13 +0000 (18:37 +0000) |
which spanned multiple lines. However, it was not checked whether extra
lines are preceeded with white space, which could lead to the following
header field name being interpreted as the value of the 'Location:'
field if the latter was empty for some reason.
git-svn-id: https://nagiosplug.svn.sourceforge.net/svnroot/nagiosplug/nagiosplug/trunk@1741 f882894a-f735-0410-b71e-b25c423dba1c
lines are preceeded with white space, which could lead to the following
header field name being interpreted as the value of the 'Location:'
field if the latter was empty for some reason.
git-svn-id: https://nagiosplug.svn.sourceforge.net/svnroot/nagiosplug/nagiosplug/trunk@1741 f882894a-f735-0410-b71e-b25c423dba1c
| plugins/check_http.c | patch | blob | history |
diff --git a/plugins/check_http.c b/plugins/check_http.c
index f2f7a18a25993870a6c52ec2ef00355c85042dbb..6773e65bcc47c052764461dfbf3b6bc78d1fb32a 100644 (file)
--- a/plugins/check_http.c
+++ b/plugins/check_http.c
}
pos += i;
- pos += strspn (pos, " \t\r\n");
+ pos += strspn (pos, " \t");
+
+ /*
+ * RFC 2616 (4.2): ``Header fields can be extended over multiple lines by
+ * preceding each extra line with at least one SP or HT.''
+ */
+ for (; (i = strspn (pos, "\r\n")); pos += i) {
+ pos += i;
+ if (!(i = strspn (pos, " \t"))) {
+ die (STATE_UNKNOWN, _("HTTP UNKNOWN - Empty redirect location%s\n"),
+ display_html ? "</A>" : "");
+ }
+ }
url = realloc (url, strcspn (pos, "\r\n") + 1);
if (url == NULL)