=== modified file 'src/HttpHdrRange.cc'
--- src/HttpHdrRange.cc 2012-12-25 19:43:38 +0000
+++ src/HttpHdrRange.cc 2012-12-27 21:02:52 +0000
@@ -85,7 +85,7 @@
 bool HttpHdrRangeSpec::parseInit(const char *field, int flen) {
- const char *p;
+
 if (flen < 2) return false;
@@ -94,36 +94,37 @@
 if (*field == '-') { if (!httpHeaderParseOffset(field + 1, &length)) return false;
- } else
+ } else {
 /* must have a '-' somewhere in _this_ field */
- if (!((p = strchr(field, '-')) && (p - field < flen))) {
+ const char *p = strchr(field, '-');
+ if (!p || !(p - field < flen)) {
 debugs(64, 2, "invalid (missing '-') range-spec near: '" << field << "'"); return false;
- } else {
- if (!httpHeaderParseOffset(field, &offset))
- return false;
-
- ++p;
-
- /* do we have last-pos ? */
- if (p - field < flen) {
- int64_t last_pos;
-
- if (!httpHeaderParseOffset(p, &last_pos))
- return false;
-
- // RFC 2616 s14.35.1 MUST: last-byte-pos >= first-byte-pos
- if (last_pos < offset) {
- debugs(64, 2, "invalid (last-byte-pos < first-byte-pos) range-spec near: " << field);
- return false;
- }
-
- HttpHdrRangeSpec::HttpRange aSpec (offset, last_pos + 1);
-
- length = aSpec.size();
+ }
+
+ if (!httpHeaderParseOffset(field, &offset))
+ return false;
+
+ ++p;
+
+ /* do we have last-pos ? */
+ if (p - field < flen) {
+ int64_t last_pos;
+
+ if (!httpHeaderParseOffset(p, &last_pos))
+ return false;
+
+ // RFC 2616 s14.35.1 MUST: last-byte-pos >= first-byte-pos
+ if (last_pos < offset) {
+ debugs(64, 2, "invalid (last-byte-pos < first-byte-pos) range-spec near: " << field);
+ return false;
 }
+
+ HttpHdrRangeSpec::HttpRange aSpec (offset, last_pos + 1);
+
+ length = aSpec.size();
 }
-
+ }
 return true; }
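Review bot: In the second hunk, the new `const char *p = strchr(field, '-');` still searches up to the terminating NUL instead of stopping at `flen`, so the following `p - field < flen` test only discards an out-of-field match after the scan has already left this range-spec. If `field` can ever point at data that is not NUL-terminated close behind the spec, bound the search itself with `const char *p = static_cast<const char *>(memchr(field, '-', flen));`, which also makes the second half of the `if` redundant. Separately, `last_pos + 1` is signed `int64_t` arithmetic on a value taken from the request header; unless httpHeaderParseOffset (not visible here) rejects the maximum value, that addition overflows, so a guard such as `if (last_pos == INT64_MAX) return false;` before constructing `aSpec` would be worth adding. The lines of parseInit between the two hunks are not shown, so any checks there are not taken into account.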