From 8e201fec7b2208d3aa2dbc897abbe986dee3963c Mon Sep 17 00:00:00 2001
From: Justin Maggard <jmaggard@netgear.com>
Date: Thu, 30 Jul 2015 13:44:42 -0700
Subject: [PATCH] upnphttp: Check for invalid Content-Length header.

---
 upnphttp.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/upnphttp.c b/upnphttp.c
index c59f8cf..6e03635 100644
--- a/upnphttp.c
+++ b/upnphttp.c
@@ -161,7 +161,10 @@ ParseHttpHeaders(struct upnphttp * h)
 				p = colon;
 				while(*p && (*p < '0' || *p > '9'))
 					p++;
-				h->req_contentlen = atoi(p);
+				if(h->req_contentlen < 0) {
+					DPRINTF(E_WARN, L_HTTP, "Invalid Content-Length %d", h->req_contentlen);
+					h->req_contentlen = 0;
+				}
 			}
 			else if(strncasecmp(line, "SOAPAction", 10)==0)
 			{
@@ -408,9 +411,7 @@ ParseHttpHeaders(struct upnphttp * h)
 next_header:
 		line = strstr(line, "\r\n");
 		if (!line)
-		{
 			return;
-		}
 		line += 2;
 	}
 	if( h->reqflags & FLAG_CHUNKED )