upnphttp: Kill strange HTTP request parsing

Avoid reading uninitialized memory on malicious HTTP requests. Fixes: Bug #293 - upnphttp.c ProcessHttpQuery_upnphttp() Function HTTP Request Handling Remote DoS
2016-09-28 18:44:58 -07:00 · 2016-09-28 18:44:58 -07:00 · 8a996b4b62
commit 8a996b4b62
parent da91cb8de2
1 changed files with 0 additions and 6 deletions
--- a/upnphttp.c
+++ b/upnphttp.c
@ -827,12 +827,6 @@ ProcessHttpQuery_upnphttp(struct upnphttp * h)
 	HttpCommand[i] = '\0';
 	while(*p==' ')
 		p++;
-	if(strncmp(p, "http://", 7) == 0)
-	{
-		p = p+7;
-		while(*p!='/')
-			p++;
-	}
 	for(i = 0; i<511 && *p && *p != ' ' && *p != '\r'; i++)
 		HttpUrl[i] = *(p++);
 	HttpUrl[i] = '\0';