diff --git a/docs/changes.xml b/docs/changes.xml
index 38909a42..65e9d200 100644
--- a/docs/changes.xml
+++ b/docs/changes.xml
@@ -37,6 +37,13 @@ forwarded header to replace client address and protocol.
 </para>
 </change>
 
+<change type="bugfix">
+<para>
+an index file that didn't contain a file extension was incorrectly
+handled, and caused a use-after-free bug.
+</para>
+</change>
+
 </changes>
 
 
diff --git a/src/nxt_http_static.c b/src/nxt_http_static.c
index 61dd0cb3..eef96c16 100644
--- a/src/nxt_http_static.c
+++ b/src/nxt_http_static.c
@@ -756,9 +756,7 @@ nxt_http_static_extract_extension(nxt_str_t *path, nxt_str_t *exten)
     end = path->start + path->length;
     p = end;
 
-    for ( ;; ) {
-        /* There's always '/' in the beginning of the request path. */
-
+    while (p > path->start) {
         p--;
         ch = *p;
 
@@ -767,11 +765,14 @@ nxt_http_static_extract_extension(nxt_str_t *path, nxt_str_t *exten)
             p++;
             /* Fall through. */
         case '.':
-            exten->length = end - p;
-            exten->start = p;
-            return;
+            goto extension;
         }
     }
+
+extension:
+
+    exten->length = end - p;
+    exten->start = p;
 }