httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From traw...@apache.org
Subject svn commit: r1610652 - /httpd/httpd/trunk/server/mpm/winnt/child.c
Date Tue, 15 Jul 2014 11:15:27 GMT
Author: trawick
Date: Tue Jul 15 11:15:26 2014
New Revision: 1610652

URL: http://svn.apache.org/r1610652
Log:
SECURITY (CVE-2014-0226): Fix a memory consumption denial of
service in the WinNT MPM used in all Windows installations.
Workaround: AcceptFilter <protocol> {none|connect}

Submitted by: trawick
Reviewed by: jorton, covener, jim

Modified:
    httpd/httpd/trunk/server/mpm/winnt/child.c

Modified: httpd/httpd/trunk/server/mpm/winnt/child.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/server/mpm/winnt/child.c?rev=1610652&r1=1610651&r2=1610652&view=diff
==============================================================================
--- httpd/httpd/trunk/server/mpm/winnt/child.c (original)
+++ httpd/httpd/trunk/server/mpm/winnt/child.c Tue Jul 15 11:15:26 2014
@@ -601,8 +601,12 @@ reinit: /* target of data or connect upo
                 b->length = BytesRead;
                 context->overlapped.Pointer = b;
             }
-            else
+            else {
+                if (accf == 2) {
+                    apr_bucket_free(buf);
+                }
                 context->overlapped.Pointer = NULL;
+            }
         }
         else /* (accf = 0)  e.g. 'none' */
         {



Mime
View raw message