[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: FW: Apache httpd: vulnerability with chunked encoding

To: misc@openbsd.org
Subject: Re: FW: Apache httpd: vulnerability with chunked encoding
From: Henning Brauer <lists-openbsd@bsws.de>
Date: Mon, 17 Jun 2002 22:28:25 +0200
Content-Disposition: inline
Mail-Followup-To: misc@openbsd.org
References: <B9338BA8.3D08%lists@rawten.net> <Pine.LNX.4.33.0206172117140.23854-100000@ace>

On Mon, Jun 17, 2002 at 09:18:52PM +0200, Dries Schellekens wrote:
> On Mon, 17 Jun 2002, Rawten List Access wrote: 
> > ----------
> > From: Mark J Cox <mjc@apache.org>
> > Date: Mon, 17 Jun 2002 18:21:15 +0100 (BST)
> >
> > Subject: Apache httpd: vulnerability with chunked encoding
> This was fixed in -current by henning 2 hours ago
> -        len_to_read = (r->remaining > bufsiz) ? bufsiz : r->remaining;
> +        len_to_read = (r->remaining > (unsigned int)bufsiz) ? bufsiz : r->remaining;

This was a quick fix for the obvious exploit (and indeed fixed this one).
I had a better one in my tree, but then apache.org was faster ;-) The latter
is in now.

References:
- FW: Apache httpd: vulnerability with chunked encoding
  - From: Rawten List Access <lists@rawten.net>
- Re: FW: Apache httpd: vulnerability with chunked encoding
  - From: Dries Schellekens <gwyllion@ace.ulyssis.org>

Prev by Date: Re: Fw: openbsd rumours
Next by Date: UltraDMA on IBM Thinkpad
Prev by thread: Re: FW: Apache httpd: vulnerability with chunked encoding
Next by thread: Re: FW: Apache httpd: vulnerability with chunked encoding
Index(es):
- Date
- Thread