Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
Please login to access the resource
openSUSE:Leap:15.5:Update
apache2.31343
apache2-CVE-2022-28614.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File apache2-CVE-2022-28614.patch of Package apache2.31343
From 8c14927162cf3b4f810683e1c5505e9ef9e1f123 Mon Sep 17 00:00:00 2001 From: Eric Covener <covener@apache.org> Date: Wed, 1 Jun 2022 12:34:16 +0000 Subject: [PATCH] Merge r1901500 from trunk: handle large writes in ap_rputs git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1901501 13f79535-47bb-0310-9956-ffa450edef68 --- include/http_protocol.h | 22 +++++++++++++++++++++- server/protocol.c | 3 +++ 2 files changed, 24 insertions(+), 1 deletion(-) diff --git a/include/http_protocol.h b/include/http_protocol.h index 20bd2022266..94c481e5f43 100644 --- a/include/http_protocol.h +++ b/include/http_protocol.h @@ -475,7 +475,27 @@ AP_DECLARE(int) ap_rwrite(const void *buf, int nbyte, request_rec *r); */ static APR_INLINE int ap_rputs(const char *str, request_rec *r) { - return ap_rwrite(str, (int)strlen(str), r); + apr_size_t len; + + len = strlen(str); + + for (;;) { + if (len <= INT_MAX) { + return ap_rwrite(str, (int)len, r); + } + else { + int rc; + + rc = ap_rwrite(str, INT_MAX, r); + if (rc < 0) { + return rc; + } + else { + str += INT_MAX; + len -= INT_MAX; + } + } + } } /** diff --git a/server/protocol.c b/server/protocol.c index 298f61e1fb8..7adc7f75c10 100644 --- a/server/protocol.c +++ b/server/protocol.c @@ -2128,6 +2128,9 @@ AP_DECLARE(int) ap_rputc(int c, request_rec *r) AP_DECLARE(int) ap_rwrite(const void *buf, int nbyte, request_rec *r) { + if (nbyte < 0) + return -1; + if (r->connection->aborted) return -1;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor