From e8fd66ba8af25e4a65e27144ae9c6756612ea139 Mon Sep 17 00:00:00 2001
From: Jeff Becker <jeff@i2p.rocks>
Date: Thu, 5 Mar 2020 18:25:27 -0500
Subject: [PATCH] bounds check in http headers

---
 libabyss/src/http.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libabyss/src/http.cpp b/libabyss/src/http.cpp
index 99150ba8c..083fe14e4 100644
--- a/libabyss/src/http.cpp
+++ b/libabyss/src/http.cpp
@@ -13,7 +13,7 @@ namespace abyss
         return true;
       }
       auto idx = line.find_first_of(':');
-      if(idx == string_view::npos)
+      if(idx == string_view::npos || (line.size() - 1) <= (1 + idx))
         return false;
       string_view header = line.substr(0, idx);
       string_view val    = line.substr(1 + idx);