From 10d5422c3e22abb056f44c478acabfa6360b2e7b Mon Sep 17 00:00:00 2001
From: Matthew Holt
Date: Tue, 25 Jul 2017 13:00:49 -0600
Subject: [PATCH] mitm: Fix out of bounds error when checking software version in UA
---
 caddyhttp/httpserver/mitm.go | 2 ++
 caddyhttp/httpserver/mitm_test.go | 45 +++++++++++++++++++++++++++++++
 2 files changed, 47 insertions(+)
diff --git a/caddyhttp/httpserver/mitm.go b/caddyhttp/httpserver/mitm.go
index be024d40d..d058f37c8 100644
--- a/caddyhttp/httpserver/mitm.go
+++ b/caddyhttp/httpserver/mitm.go
@@ -112,6 +112,8 @@ func getVersion(ua, softwareName string) float64 {
 end := strings.Index(ua[start:], " ")
 if end < 0 {
 end = len(ua)
+ } else {
+ end += start
 }
 strVer := strings.Replace(ua[start:end], "-", "", -1)
 firstDot := strings.Index(strVer, ".")
diff --git a/caddyhttp/httpserver/mitm_test.go b/caddyhttp/httpserver/mitm_test.go
index 6be85b239..82df34af6 100644
--- a/caddyhttp/httpserver/mitm_test.go
+++ b/caddyhttp/httpserver/mitm_test.go
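Review bot: In getVersion (mitm.go), `end` starts out relative to `ua[start:]` and only becomes an offset into `ua` through `end = len(ua)` or the new `end += start`, and nothing in the code records that; mixing the two is what let `ua[start:end]` go out of range on a client-supplied User-Agent. Narrowing the string once keeps every later index relative and removes that class of slip: `rest := ua[start:]`, then `if i := strings.IndexByte(rest, ' '); i >= 0 { rest = rest[:i] }`, with `rest` used in place of `ua[start:end]`. If the current shape stays, a comment on the else branch such as `// Index result is relative to ua[start:]; rebase it onto ua` would do. The function begins and ends outside the hunk, so the bound on `start` that `ua[start:]` depends on cannot be confirmed from here.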
@@ -352,3 +352,48 @@ func TestHeuristicFunctionsAndHandler(t *testing.T) {
 }
 }
 }
+
+func TestGetVersion(t *testing.T) {
+ for i, test := range []struct {
+ UserAgent string
+ SoftwareName string
+ Version float64
+ }{
+ {
+ UserAgent: "Mozilla/5.0 (Windows NT 6.1; rv:45.0) Gecko/20100101 Firefox/45.0",
+ SoftwareName: "Firefox",
+ Version: 45.0,
+ },
+ {
+ UserAgent: "Mozilla/5.0 (Windows NT 6.1; rv:45.0) Gecko/20100101 Firefox/45.0 more_stuff_here",
+ SoftwareName: "Firefox",
+ Version: 45.0,
+ },
+ {
+ UserAgent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393",
+ SoftwareName: "Safari",
+ Version: 537.36,
+ },
+ {
+ UserAgent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393",
+ SoftwareName: "Chrome",
+ Version: 51.0270479,
+ },
+ {
+ UserAgent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393",
+ SoftwareName: "Mozilla",
+ Version: 5.0,
+ },
+ {
+ UserAgent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393",
+ SoftwareName: "curl",
+ Version: -1,
+ },
+ } {
+ actual := getVersion(test.UserAgent, test.SoftwareName)
+ if actual != test.Version {
+ t.Errorf("Test [%d]: Expected version=%f, got version=%f for %s in '%s'",
+ i, test.Version, actual, test.SoftwareName, test.UserAgent)
+ }
+ }
+}
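Review bot: The table in TestGetVersion has no row where the software name is the final token of the User-Agent, is followed only by `/`, or where the header is empty, which are the inputs that put the computed `start` at or past `len(ua)`. The header is client-controlled and an index slip in this function presumably panics while a request is being handled, so those boundaries are worth pinning with rows such as `{UserAgent: "Mozilla/5.0 Firefox", SoftwareName: "Firefox", Version: -1},` (a constructed sample; the expected `-1` is an assumption, since the guard on `start` is not part of this diff). A one-line comment on the Chrome row saying why `51.0.2704.79` is expected as `51.0270479` would also save the next reader a trip into getVersion.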