diff --git a/ChangeLog b/ChangeLog
index ea1c4f6..6ad670a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -2,6 +2,29 @@
 Version 1.6.19
 *******************************************************************************
 
+2013-08-13 Peng
+
+ Patch to fix behaviou when char is signed
+
+ it seems to me that there is still something wrong:
+
+ 1) the new is_qdtext_char() is incorrect.
+ There is a trap if char is implemented as signed char.
+ Suppose that c is '\xFF', it will be -1 when converted to an int.
+ By definition, c should be qdtext:
+ qdtext = >
+ TEXT =
+ OCTET =
+
+ 2) the character after '\\' could be either part of a quoted-pair
+ (together with '\\'), or a normal qdtext, since '\\' itself can
+ be treated as a qdtext. This is equivalent to saying that the
+ character after '\\' in a quoted string could be ANY octet.
+
+ A patch based on the above two observations is attached.
+
+ Peng
+
 2013-08-13 Marcelo Roberto Jimenez
 
 Enforce RFC 2616 and accept "0" after a backslash for quoted-strings.
diff --git a/upnp/src/genlib/net/http/httpparser.c b/upnp/src/genlib/net/http/httpparser.c
index 6814671..6fd8f75 100644
--- a/upnp/src/genlib/net/http/httpparser.c
+++ b/upnp/src/genlib/net/http/httpparser.c
@@ -190,6 +190,7 @@ static UPNP_INLINE int is_qdtext_char(IN int c)
 
 return
 (c >= 32 && c != 127) ||
+ c < 0 ||
 c == TOKCHAR_CR ||
 c == TOKCHAR_LF ||
 c == '\t';
@@ -288,8 +289,7 @@ static parse_status_t scanner_get_token(
 } else if (c == '\\') {
 if (cursor < null_terminator) {
 c = *cursor++;
- if (c < 0 || c > 127)
- return PARSE_FAILURE;
+ /* the char after '\\' could be ANY octet */
 }
 /* else, while loop handles incomplete buf */
 } else if (is_qdtext_char(c)) {
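Review bot: The added `c < 0 ||` term in is_qdtext_char() accepts every negative int, not only bytes 0x80-0xFF that were sign-extended from a signed char, so the classification still depends on the platform's char signedness and any negative sentinel value would be treated as qdtext. Normalising the byte where it is loaded, e.g. `c = (unsigned char)*cursor++;` as in the scanner_get_token() hunk, keeps c in 0..255 on every platform and lets the existing `c >= 32 && c != 127` test cover high octets without this term. Whichever form is kept, a comment such as `/* octets >= 0x80 are TEXT per RFC 2616 2.2; they arrive negative when char is signed */` would record why the term exists. The opening lines of the function are outside the hunk.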
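Review bot: With the range check removed, the `if (cursor < null_terminator)` branch consumes the octet after a backslash without inspecting it, so NUL, a bare CR or LF, or any other control byte is now accepted inside a quoted-string. RFC 2616's quoted-pair does permit CHAR 0-127, but RFC 7230 narrows it to HTAB, SP, VCHAR and obs-text; if later code treats the token as a C string or copies it into another header (not visible here), rejecting controls is the safer choice, e.g. `if ((c >= 0 && c < 32 && c != '\t') || c == 127) return PARSE_FAILURE;`. If the permissive behaviour is kept, the comment should name the rule it relies on, for instance `/* RFC 2616 2.2: quoted-pair = "\" CHAR and '\\' is itself qdtext, so any octet may follow */`. The enclosing scanner_get_token() starts and ends outside the hunk.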