id,summary,reporter,owner,description,type,status,priority,milestone,component,version,resolution,keywords,cc,uname,nginx_version 762,"procol version integer overflow, downgrade to 0.9",openid.stackexchange.com/user/9a01f091-0d6d-4e99-8f37-dcf99897dd7c,,"Nginx currently supports the old RFC with : {{{ HTTP / *DIGIT . *DIGIT }}} But when extracting the major and minor version there's an int16 overflow which means that currently ""HTTP/65536.9"" or ""HTTP/65536.8"" can be used and will be detected as HTTP/0.9. This can be used to generate headless responses from Nginx (like a regular 0.9 query) while using something which does not look like a 0.9 query. They're two ways of fixing it: * use the attached patch to prevent int16 overflow * remove the multi-digit part in the automaton parser (as the new rfc 7230 allows only one digit for major and 1 for minor) Note that this patch is a poc on `ngx_http_parse.c` which may need to be applied on other places like `ngx_event_openssl_stapling.c` or  `ngx_http_spdy.c` where the same issue can also be present. ",defect,closed,minor,,nginx-core,1.7.x,fixed,,,,"nginx version: nginx/1.9.0 built by gcc 4.9.2 (Debian 4.9.2-10) configure arguments: "