rpms/httpd
7
0
Fork 0
Code Issues Pull Requests Releases Activity
f38bb25abe
httpd/httpd-2.4.53-CVE-2022-28615.patch
Luboš Uhliarik f50c76924f Resolves: #2097032 - CVE-2022-28615 httpd: out-of-bounds read in 
ap_strcmp_match()

- uncomment previous security patch200 - it was commented out by mistake
2022-07-20 17:04:41 +02:00

23 lines
716 B
Diff
Raw Blame History

diff --git a/server/util.c b/server/util.c
index 604be1a..6808164 100644
--- a/server/util.c
+++ b/server/util.c
@@ -185,7 +185,7 @@ AP_DECLARE(char *) ap_ht_time(apr_pool_t *p, apr_time_t t, const char *fmt,
*/
AP_DECLARE(int) ap_strcmp_match(const char *str, const char *expected)
{
- int x, y;
+ apr_size_t x, y;
for (x = 0, y = 0; expected[y]; ++y, ++x) {
if (expected[y] == '*') {
@@ -209,7 +209,7 @@ AP_DECLARE(int) ap_strcmp_match(const char *str, const char *expected)
AP_DECLARE(int) ap_strcasecmp_match(const char *str, const char *expected)
{
- int x, y;
+ apr_size_t x, y;
for (x = 0, y = 0; expected[y]; ++y, ++x) {
if (!str[x] && expected[y] != '*')
Reference in New Issue View Git Blame Copy Permalink