httpd/SOURCES/httpd-2.4.51-CVE-2021-44790.patch

--- a/modules/lua/lua_request.c	2021/12/16 11:09:40	1896038
+++ b/modules/lua/lua_request.c	2021/12/16 11:15:47	1896039
@@ -410,6 +410,7 @@
             if (end == NULL) break;
             key = (char *) apr_pcalloc(r->pool, 256);
             filename = (char *) apr_pcalloc(r->pool, 256);
+            if (end - crlf <= 8) break;
             vlen = end - crlf - 8;
             buffer = (char *) apr_pcalloc(r->pool, vlen+1);
             memcpy(buffer, crlf + 4, vlen);