From: William A. Rowe Jr <wrowe@apache.org>
Date: Wed, 9 Nov 2016 14:32:09 +0000 (+0000)
Subject: core: Follow up to r1664205 (previously backported)
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=d35b4c08dd43aad67aa94788466ede45fe98d34e;p=thirdparty%2Fapache%2Fhttpd.git

core: Follow up to r1664205 (previously backported)
Don't let invalid r->proto_num/protocol out of read_request_line() reach
the output filters (when responding with 400 Bad Request).
Suggested by: rpluem
Backports: r1664576



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x-merge-http-strict@1768971 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/server/protocol.c b/server/protocol.c
index d11bbcdccc8..9d1cbc57125 100644
--- a/server/protocol.c
+++ b/server/protocol.c
@@ -684,6 +684,9 @@ static int read_request_line(request_rec *r, apr_bucket_brigade *bb)
             ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(02418)
                           "Invalid protocol '%s'", r->protocol);
             if (enforce_strict) {
+                r->proto_num = HTTP_VERSION(1,0);
+                r->protocol  = apr_pstrdup(r->pool, "HTTP/1.0");
+                r->connection->keepalive = AP_CONN_CLOSE;
                 r->status = HTTP_BAD_REQUEST;
                 return 0;
             }