From b4c53e2cfd11fa9fec43d766fbec1a06931de11d Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Tue, 27 Sep 2005 09:13:39 +0000
Subject: [PATCH] An anonymous submitter filed bug #1299181
 (http://curl.haxx.se/bug/view.cgi?id=1299181) that identified a silly problem
 with Content-Range: headers with the 'bytes' keyword written in a different
 case than all lowercase! It would cause a segfault!

---
 CHANGES        | 5 +++++
 RELEASE-NOTES  | 5 +++++
 lib/transfer.c | 8 ++++----
 3 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/CHANGES b/CHANGES
index dcb8a46c44..56b53a71e6 100644
--- a/CHANGES
+++ b/CHANGES
@@ -8,6 +8,11 @@
 
 
 Daniel (27 September 2005)
+- An anonymous submitter filed bug #1299181
+  (http://curl.haxx.se/bug/view.cgi?id=1299181) that identified a silly
+  problem with Content-Range: headers with the 'bytes' keyword written in a
+  different case than all lowercase! It would cause a segfault!
+
 - TJ Saunders of the proftpd project identified and pointed out problems with
   the modified FTPS negotiation change of August 19 2005. Thus, we revert the
   change back to pre-7.14.1 status.
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 0db7c9459d..fc020b2813 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -16,6 +16,7 @@ This release includes the following changes:
 
 This release includes the following bugfixes:
 
+ o HTTP Content-Range header parser crash
  o FTPS negotiation timeouts/errors
  o SSPI works even for Windows 9x
  o crash in --dump-header on FTP
@@ -23,6 +24,10 @@ This release includes the following bugfixes:
 
 Other curl-related news since the previous public release:
 
+ o All curl relatd mailing list information and subscribers on cool.haxx.se
+   were lost due to a malicious user exploiting a security hole on the
+   server. Attempts have been made to put back susbcribers on the lists, but
+   many have been lost.
  o New S-Lang binding: http://curl.haxx.se/libcurl/slang/
  o TclCurl 0.14.1: http://personal1.iddeo.es/andresgarci/tclcurl/english/
  o pycurl 7.14.1: http://pycurl.sf.net/
diff --git a/lib/transfer.c b/lib/transfer.c
index 996d133c9d..13f31e9bc1 100644
--- a/lib/transfer.c
+++ b/lib/transfer.c
@@ -880,11 +880,11 @@ CURLcode Curl_readwrite(struct connectdata *conn,
               /* Content-Range: bytes [num]-
                  Content-Range: bytes: [num]-
 
-                 The second format was added August 1st 2000 by Igor
-                 Khristophorov since Sun's webserver JavaWebServer/1.1.1
-                 obviously sends the header this way! :-( */
+                 The second format was added since Sun's webserver
+                 JavaWebServer/1.1.1 obviously sends the header this way!
+              */
 
-              char *ptr = strstr(k->p, "bytes");
+              char *ptr = Curl_strcasestr(k->p, "bytes");
               ptr+=5;
 
               if(*ptr == ':')
-- 
GitLab