update to tengine 1.5.2

CHANGES.cn

@@ -1,3 +1,5 @@
+Tengine-1.5.2 [2013-11-21]
+* Security: 修复CVE-2013-4547安全漏洞
 
 Tengine-1.5.1 [2013-08-29]
 * Feature: 增加retry_cached_connection指令，可以关闭对后端长连接的无条件重试 [yaoweibin]

CHANGES.te

@@ -1,3 +1,8 @@
+Changes with Tengine 1.5.2                                       21 Nov 2013
+    *) Security: a character following an unescaped space in a request line
+       was handled incorrectly (CVE-2013-4547); the bug had appeared in
+       0.8.41.
+       Thanks to Ivan Fratric of the Google Security Team.
 
 Changes with Tengine 1.5.1                                       29 Aug 2013
 

src/core/nginx.h

@@ -14,8 +14,8 @@
 #define NGINX_VER          "nginx/" NGINX_VERSION
 
 #define TENGINE            "Tengine"
-#define tengine_version    1005001
-#define TENGINE_VERSION    "1.5.1"
+#define tengine_version    1005002
+#define TENGINE_VERSION    "1.5.2"
 #define TENGINE_VER        TENGINE "/" TENGINE_VERSION
 
 #define NGINX_VAR          "NGINX"

src/http/ngx_http_parse.c

@@ -614,6 +614,7 @@ ngx_http_parse_request_line(ngx_http_request_t *r, ngx_buf_t *b)
             default:
                 r->space_in_uri = 1;
                 state = sw_check_uri;
+                p--;
                 break;
             }
             break;
@@ -667,6 +668,7 @@ ngx_http_parse_request_line(ngx_http_request_t *r, ngx_buf_t *b)
             default:
                 r->space_in_uri = 1;
                 state = sw_uri;
+                p--;
                 break;
             }
             break;