From 317eac1e93506ba3a6efb1de92ce64a2155f8b64 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Julien=20=C3=89LIE?= <Julien-Elie@users.noreply.github.com>
Date: Thu, 2 Nov 2023 22:19:32 +0100
Subject: [PATCH] Fix an out-of-bounds access

Issue seen on CheriBSD running on a Morello board
(core dump when running the test suite).
---
 lib/headers.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/headers.c b/lib/headers.c
index 9bbb58aa4..fc8fac716 100644
--- a/lib/headers.c
+++ b/lib/headers.c
@@ -47,6 +47,7 @@ bool
 IsValidHeaderBody(const char *p)
 {
     bool emptycontentline = true;
+    const char *start = p;
 
     /* Not NULL and not empty. */
     if (p == NULL || *p == '\0')
@@ -73,7 +74,7 @@ IsValidHeaderBody(const char *p)
              * re-initialize emptycontentline to true. */
             emptycontentline = true;
             continue;
-        } else if (p[-1] == '\r') {
+        } else if (p > start && p[-1] == '\r') {
             /* Case of CR not followed by LF (handled at the previous
              * if statement). */
             return false;