From 3b5eacb3aec47ccae827ce732a4cfdaa7c3ed4ef Mon Sep 17 00:00:00 2001
From: Thomas Bernard <miniupnp@free.fr>
Date: Sun, 27 Jan 2013 21:07:40 +0100
Subject: [PATCH] upnphttp: ParseHttpHeaders() checks atoi() return

atoi() can return a negative value, and that can lead to problems
later
---
 miniupnpd/upnphttp.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/miniupnpd/upnphttp.c b/miniupnpd/upnphttp.c
index b4b5d6f..cebd210 100644
--- a/miniupnpd/upnphttp.c
+++ b/miniupnpd/upnphttp.c
@@ -92,6 +92,10 @@ ParseHttpHeaders(struct upnphttp * h)
 				while(*p < '0' || *p > '9')
 					p++;
 				h->req_contentlen = atoi(p);
+				if(h->req_contentlen < 0) {
+					syslog(LOG_WARNING, "ParseHttpHeaders() invalid Content-Length %d", h->req_contentlen);
+					h->req_contentlen = 0;
+				}
 				/*printf("*** Content-Lenght = %d ***\n", h->req_contentlen);
 				printf("    readbufflen=%d contentoff = %d\n",
 					h->req_buflen, h->req_contentoff);*/