| Message view | « Date » · « Thread » |
|---|---|
| Top | « Date » · « Thread » |
| From | Tom Evans <tevans...@googlemail.com> |
| Subject | Truly minor inconsistency in mod_rangecnt.c |
| Date | Thu, 25 Aug 2011 14:53:39 GMT |
Hi Dirk-Willem, list. I wasn't sure whether to mail this in, it is inconsequential; the module is supposed to count the number of ranges, but it actually counts the number of commas between ranges, leading to an off-by-one. IE, a request with 6 ranges would not be rejected, where as the code has #define MAXRANGEHEADERS (5). Its truly minor, but made my test tool to determine whether a server is vulnerable to give some false positives, as it was sending 5 ranges and expecting a 417. Cheers Tom | |
| Mime |
|
| View raw message | |