httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 61511] htdigest: one byte stack buffer overflow on malformed input file
Date Sat, 09 Sep 2017 17:26:44 GMT
https://bz.apache.org/bugzilla/show_bug.cgi?id=61511

--- Comment #6 from Luca Toscano <toscano.luca@gmail.com> ---
I added a new patch that is probably better, since the problem is getword() and
the MAX_STRING_LEN applies to it (so anything split by a ':'), not to the total
line length (that can be up to 3 * MAX_STRING_LEN).

The attached patch should emit an error and avoid the overflow. Still didn't
find a ton of time to test it, will do it in the following days.

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message