Fix stack overflow that can occur in libevhtp

libevhtp allocates a stack based on data length when C99 is detected at compile time. There are no checks to verify that the stack is big enough which can cause a stack overflow. Adding EVHTP_HAS_C99=false at compile time changes this behavior by allocate to a buffer which has proper checks in place. More information about this bug can be found at: https://github.com/criticalstack/libevhtp/issues/118 https://github.com/haiwen/seafile/issues/1928 MFH: 2019Q3
svn path=/head/; revision=510747
2025-01-11 07:22:22 +00:00 · 2019-09-01 22:48:46 +00:00 · 2019-09-01 22:48:46 +00:00 · bb401c1a91 · 2021-03-31 03:12:20 +00:00
commit bb401c1a91
parent 1dade77763
1 changed files with 3 additions and 2 deletions
--- a/www/libevhtp/Makefile
+++ b/www/libevhtp/Makefile
@ -2,7 +2,7 @@

 PORTNAME=	libevhtp
 PORTVERSION=	1.2.16
-PORTREVISION=	3
+PORTREVISION=	4
 CATEGORIES=	www

 MAINTAINER=	ultima@FreeBSD.org
@ -19,7 +19,8 @@ USE_GITHUB=	yes
 GH_ACCOUNT=	criticalstack

 CMAKE_ARGS=	-DCMAKE_INCLUDE_PATH:PATH=include/event2 \
-		-DCMAKE_LIBRARY_PATH:PATH=lib/event2
+		-DCMAKE_LIBRARY_PATH:PATH=lib/event2 \
+		-DEVHTP_HAS_C99:BOOL=FALSE

 PLIST_SUB=	PORTVERSION=${PORTVERSION}