httpd: skip "Status: " from CGI, including space. Closes 10291

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

diff --git a/networking/httpd.c b/networking/httpd.c
index 9369de82401869f297fffcbdd67e301d70aee153..c823835073e05745dfca3e7857376d3f871077ed 100644 (file)
--- a/networking/httpd.c
+++ b/networking/httpd.c
@@ -1371,12 +1371,13 @@ static NOINLINE void cgi_io_loop_and_exit(int fromCgi_rd, int toCgi_wr, int post
                                out_cnt += count;
                                count = 0;
                                /* "Status" header format is: "Status: 302 Redirected\r\n" */
-                               if (out_cnt >= 7 && memcmp(rbuf, "Status:", 7) == 0) {
+                               if (out_cnt >= 8 && memcmp(rbuf, "Status: ", 8) == 0) {
                                        /* send "HTTP/1.0 " */
                                        if (full_write(STDOUT_FILENO, HTTP_200, 9) != 9)
                                                break;
-                                       rbuf += 7; /* skip "Status:" */
-                                       count = out_cnt - 7;
+                                       /* skip "Status: " (including space, sending "HTTP/1.0  NNN" is wrong) */
+                                       rbuf += 8;
+                                       count = out_cnt - 8;
                                        out_cnt = -1; /* buffering off */
                                } else if (out_cnt >= 4) {
                                        /* Did CGI add "HTTP"? */