Author :
Ben Kallus
Date :
2024-01-18 16:42:52
Hash :665d79f1 Message :Fix integer overflow in HTTP version (#1541)
Currently, when libevent parses requests with version `HTTP/4294967295.255`, you end up with `req->major == req->minor == (char)-1`. (At least on linux-gnu-x86_64, where `char` is signed.)
This is sort of weird.
This patch changes the version parser to match the grammar in RFCs 7230 and 9112. (i.e. `HTTP/[0-9].[0-9]`)
EDIT: Technically, a little stronger than the RFC requires, since this patch continues to block major versions greater than 1, which was already what libevent was doing.
Ben Kallus