rpms/httpd
7
0
Fork 0
Code Issues Pull Requests Releases Activity
0cc775339f
httpd/httpd-2.4.51-CVE-2021-44790.patch
Luboš Uhliarik 0cc775339f Resolves: #2035064 - CVE-2021-44790 httpd: mod_lua: possible buffer overflow 
when parsing multipart content
2022-01-10 18:57:43 +01:00

11 lines
475 B
Diff
Raw Blame History

--- a/modules/lua/lua_request.c 2021/12/16 11:09:40 1896038
+++ b/modules/lua/lua_request.c 2021/12/16 11:15:47 1896039
@@ -410,6 +410,7 @@
if (end == NULL) break;
key = (char *) apr_pcalloc(r->pool, 256);
filename = (char *) apr_pcalloc(r->pool, 256);
+ if (end - crlf <= 8) break;
vlen = end - crlf - 8;
buffer = (char *) apr_pcalloc(r->pool, vlen+1);
memcpy(buffer, crlf + 4, vlen);
Reference in New Issue View Git Blame Copy Permalink