>> Is there any fix for this issue for HTTP server in busybox for new >> releases after 1.2 ?? > > I don't remember all fixes which went into httpd during *fourteen* > major releases since then. Try reading through http://busybox.net/news.html > or inspecting "git log -p httpd.c" output.
I found that there is a major rewrite of httpd.c file which got further divided into multiple files in latest versions. Reading through http://busybox.net/news.html doesnt show any fixes related to Denial of Service but more on directory traversing and other issues. > >> Sorry I havent found any specific fixes for this issues and I wanted >> to know if any of them seeing this issue got fixed in new busybox >> version ? > > I propose simply building latest 1.15.x or 1.16.0 and trying it. I cant simply remove the existing busybox code and replace it with 1.15.x or 1.16.0 codebase just for httpd.c file. But can anyone tell me how to test the latest busybox by building the codebase and testing in a standlone linux machine or emulator rather than in an embedded device ?? -- Thanks, Codingfreak --------------------------------------------- www.codingfreak.blogspot.com _______________________________________________ busybox mailing list [email protected] http://lists.busybox.net/mailman/listinfo/busybox
