httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From j..@apache.org
Subject cvs commit: apache-1.3/src/main http_protocol.c
Date Mon, 17 Jun 2002 19:38:21 GMT
jim         2002/06/17 12:38:20

  Modified:    src/main http_protocol.c
  Log:
  Prevent possible badness if the HUGE value for Content-Length
  maps, via atol, to a negative number.
  
  Revision  Changes    Path
  1.318     +6 -0      apache-1.3/src/main/http_protocol.c
  
  Index: http_protocol.c
  ===================================================================
  RCS file: /home/cvs/apache-1.3/src/main/http_protocol.c,v
  retrieving revision 1.317
  retrieving revision 1.318
  diff -u -r1.317 -r1.318
  --- http_protocol.c	17 Jun 2002 18:14:12 -0000	1.317
  +++ http_protocol.c	17 Jun 2002 19:38:19 -0000	1.318
  @@ -1994,6 +1994,12 @@
           }
   
           r->remaining = atol(lenp);
  +        if (r->remaining < 0) {
  +            ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r,
  +              "Request content-length of %s maps to negative number %ld",
  +              lenp, r->remaining);
  +            return HTTP_BAD_REQUEST;
  +        }
       }
   
       if ((r->read_body == REQUEST_NO_BODY) &&
  
  
  

Mime
View raw message