From d26129baa47eb9e558d53f463ad18269dfc99607 Mon Sep 17 00:00:00 2001
From: Fabian Keil
Date: Sat, 16 Jan 2016 12:29:00 +0000
Subject: [PATCH] client_host(): Remove empty host headers

Previously they would result in invalid reads and crashes when compiled with AddressSanitizer. Bug found with afl-fuzz.
---
 parsers.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/parsers.c b/parsers.c
index c27f40b3..9fe2da77 100644
--- a/parsers.c
+++ b/parsers.c
@@ -1,4 +1,4 @@
-const char parsers_rcs[] = "$Id: parsers.c,v 1.301 2015/12/27 12:49:29 fabiankeil Exp $";
+const char parsers_rcs[] = "$Id: parsers.c,v 1.302 2015/12/27 12:54:12 fabiankeil Exp $";
 /*********************************************************************
 *
 * File : $Source: /cvsroot/ijbswa/current/parsers.c,v $
@@ -3287,6 +3287,13 @@ static jb_err client_host(struct client_state *csp, char **header)
 {
 char *p, *q;
+ if (strlen(*header) < 7)
+ {
+ log_error(LOG_LEVEL_HEADER, "Removing empty Host header");
+ freez(*header);
+ return JB_ERR_OK;
+ }
+
 if (!csp->http->hostport || (*csp->http->hostport == '*') || *csp->http->hostport == ' ' || *csp->http->hostport == '\0')
 {
-- 
2.39.2
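Review bot: The new guard `if (strlen(*header) < 7)` in client_host() is a bare length test with an unexplained constant, not an emptiness test, so it does not quite match its own log message. The 7 presumably stands for the six bytes of `"Host: "` plus one byte of value, but `Host:a` (no space after the colon) is six bytes and is dropped and logged as "empty", while `Host:` followed by two or more spaces is at least seven bytes and still reaches the parsing below. A comment such as `/* "Host: " is 6 bytes; anything shorter leaves no value to copy */` would record the invariant, or the limit could be derived with `sizeof("Host: ")` instead of a literal. Because the crash was an invalid read found by fuzzing, the code after this hunk that skips the prefix should also be checked for whitespace-only values; client_host()'s body continues outside the hunk, so that part is not visible here.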