http: avoid out of bound accesses on broken Set-Cookie headers

It's trivial to craft a HTTP response that will make the code for
skipping trailing whitespace access and possibly overwrite bytes outside
of the memory allocation. Why this can happen is blindingly obvious: it
accesses cstr[strlen(cstr)-1] without checking whether the string is
empty.

0 files changed, 0 insertions, 0 deletions