Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP5:GA
rubygem-puma
CVE-2020-11076.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2020-11076.patch of Package rubygem-puma
From 092fb5a5d096c22c2dfb1ebf38b0da0401d7da67 Mon Sep 17 00:00:00 2001 From: Evan Phoenix <evan@phx.io> Date: Mon, 18 May 2020 14:43:00 -0700 Subject: [PATCH] Better handle client input --- lib/puma/client.rb | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/lib/puma/client.rb b/lib/puma/client.rb index f0dc872e..d36e8dc7 100644 --- a/lib/puma/client.rb +++ b/lib/puma/client.rb @@ -230,8 +230,16 @@ module Puma te = @env[TRANSFER_ENCODING2] - if te && CHUNKED.casecmp(te) == 0 - return setup_chunked_body(body) + if te + if te.include?(",") + te.split(",").each do |part| + if CHUNKED.casecmp(part.strip) == 0 + return setup_chunked_body(body) + end + end + elsif CHUNKED.casecmp(te) == 0 + return setup_chunked_body(body) + end end @chunked_body = false -- 2.26.2
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor