From 9207bc51bbdadd457598ea352e5d207d8a6a4e9a Mon Sep 17 00:00:00 2001 From: "Michael Behrns-Miller [case-ubuntu]" Date: Thu, 2 Mar 2017 09:46:41 -0500 Subject: [PATCH] Subject: Buffer index protection in the case where client does not receive content length from HTTP server --- lib/service.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/lib/service.c b/lib/service.c index f233588b..49f35b6b 100644 --- a/lib/service.c +++ b/lib/service.c @@ -646,7 +646,10 @@ spin_chunks: if (wsi->chunked) return 0; - wsi->u.http.content_remain -= n; + /* if we know the content length, decrement the content remaining */ + if (wsi->u.http.content_length > 0) + wsi->u.http.content_remain -= n; + if (wsi->u.http.content_remain || !wsi->u.http.content_length) return 0;