On 21.12.2011 20:08, Greg Ames wrote:
On Tue, Dec 20, 2011 at 4:26 AM, William A. Rowe Jr.
<[email protected]>  wrote:
We should come to a conclusion on this.

How about this for 2.2.x ?

--- server/util.c       (revision 1179624)
+++ server/util.c       (working copy)
@@ -82,6 +82,8 @@
  #define IS_SLASH(s) (s == '/')
  #endif

+/* same as APR_SIZE_MAX which doesn't appear until APR 1.3 */
+#define UTIL_SIZE_MAX (~((apr_size_t)0))

  /*
   * Examine a field value (such as a media-/content-type) string and return
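Review bot: the new `UTIL_SIZE_MAX` define is unconditional even though its comment says it duplicates `APR_SIZE_MAX` from APR 1.3 and later. Wrapping it in `#ifdef APR_SIZE_MAX` so that it becomes `#define UTIL_SIZE_MAX APR_SIZE_MAX` when APR provides the constant, with `(~((apr_size_t)0))` as the fallback, would keep the two values from ever diverging and make the local copy easy to drop once the minimum APR version is settled. The added blank line after the define leaves two blank lines before the following comment block; one is enough.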
@@ -391,6 +393,11 @@
              len++;
          }
          else if (no<  nmatch&&  pmatch[no].rm_so<  pmatch[no].rm_eo) {
+            if (UTIL_SIZE_MAX - len<= pmatch[no].rm_eo - pmatch[no].rm_so) {
+                ap_log_error(APLOG_MARK, APLOG_WARNING, APR_ENOMEM, NULL,
+                    "integer overflow or out of memory condition." );
+                return NULL;
+            }
              len += pmatch[no].rm_eo - pmatch[no].rm_so;
          }
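Review bot: the bound check sits only in the back-reference branch, while the `len++` branch visible just above it grows the same counter without any check. Either guard both paths or validate the total once after the loop, so the overflow protection does not depend on which branch ran last. The comparison uses `<=`, which also rejects a sum that lands exactly on `UTIL_SIZE_MAX`; if that slack is reserved for a terminator, a short comment saying so would help. The message "integer overflow or out of memory condition." is logged with a NULL server and names neither the function nor the input, so an administrator who sees it has nothing to act on; naming the calling function in the text would fix that.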

Is apr 1.3 required for current 2.2.x?  I know it wasn't for older

IMHO APR 1.3 is mandatory for 2.2.x.

Regards

Rüdiger
