httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From j..@apache.org
Subject cvs commit: apache-1.3/src/main http_protocol.c
Date Tue, 09 Jul 2002 15:26:26 GMT
jim         2002/07/09 08:26:26

  Modified:    src/main http_protocol.c
  Log:
  Don't allow a negative value to sneak through
  
  Revision  Changes    Path
  1.325     +1 -1      apache-1.3/src/main/http_protocol.c
  
  Index: http_protocol.c
  ===================================================================
  RCS file: /home/cvs/apache-1.3/src/main/http_protocol.c,v
  retrieving revision 1.324
  retrieving revision 1.325
  diff -u -r1.324 -r1.325
  --- http_protocol.c	9 Jul 2002 14:47:24 -0000	1.324
  +++ http_protocol.c	9 Jul 2002 15:26:26 -0000	1.325
  @@ -2024,7 +2024,7 @@
               char *endstr;
               errno = 0;
               r->remaining = ap_strtol(lenp, &endstr, 10);
  -            if (errno || (endstr && *endstr)) {
  +            if (errno || (endstr && *endstr) || (r->remaining < 0)) {
                   conversion_error = 1;
               }
           }
  
  
  

Mime
View raw message