1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-12-22 04:17:44 +00:00

- Added patch to circumvent integer overflow in Content-Length header

parsing, until new upstream package is released.

PR:		ports/155027
Submitted by:	C-S <c-s@c-s.li>
Security:	b13414c9-50ba-11e0-975a-000c29cc39d3
Security:	http://www.hiawatha-webserver.org/weblog/16
Security:	http://secunia.com/advisories/43660/
This commit is contained in:
Greg Larkin 2011-03-17 17:45:41 +00:00
parent 7dd7d929e6
commit 9e2b68012b
Notes: svn2git 2021-03-31 03:12:20 +00:00
svn path=/head/; revision=271160
2 changed files with 20 additions and 0 deletions

View File

@ -7,6 +7,7 @@
PORTNAME= hiawatha
PORTVERSION= 7.4
PORTREVISION= 1
CATEGORIES= www
MASTER_SITES= http://www.hiawatha-webserver.org/files/ \
http://www.c-s.li/ports/

View File

@ -0,0 +1,19 @@
--- ./hiawatha.c.orig 2010-11-02 17:03:24.000000000 -0400
+++ ./hiawatha.c 2011-02-25 16:41:31.000000000 -0500
@@ -34,6 +34,7 @@
#include <sys/wait.h>
#include <sys/socket.h>
#include <sys/time.h>
+#include <limits.h>
#include "alternative.h"
#include "mimetype.h"
#include "serverconfig.h"
@@ -418,7 +419,7 @@
*strend = '\0';
content_length = str2int(strstart);
*strend = '\r';
- if (content_length < 0) {
+ if ((content_length < 0) || (INT_MAX - content_length - 2 <= header_length)) {
result = 400;
break;
}