From 0218d4b9c1c0706df4bd7a3e3b15f71d4b66126a Mon Sep 17 00:00:00 2001
From: Eric Covener <covener@apache.org>
Date: Sun, 26 Apr 2026 16:32:29 +0000
Subject: [PATCH] Merge r1933359 from trunk:

scan outgoing status line for newlines and controls



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1933360 13f79535-47bb-0310-9956-ffa450edef68
---
 modules/http/http_filters.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/modules/http/http_filters.c b/modules/http/http_filters.c
index 732fb8eb6a7..9f7f3fca6b6 100644
--- a/modules/http/http_filters.c
+++ b/modules/http/http_filters.c
@@ -1013,6 +1013,11 @@ static apr_status_t validate_status_line(request_rec *r)
             r->status_line = apr_pstrcat(r->pool, r->status_line, " ", NULL);
             return APR_EGENERAL;
         }
+        /* Check for newlines and control characters */
+        if (len > 4 && *ap_scan_http_field_content(r->status_line + 4)) {
+            r->status_line = NULL;
+            return APR_EGENERAL;
+        }
         return APR_SUCCESS;
     }
     return APR_EGENERAL;