On Wed, 21 Dec 2011, Greg Ames wrote:
On Tue, Dec 20, 2011 at 4:26 AM, William A. Rowe Jr.
wrote:
We should come to a conclusion on this.
How about this for 2.2.x ?
--- server/util.c (revision 1179624)
+++ server/util.c (working copy)
@@ -82,6 +82,8 @@
#define IS_SLASH(s) (s ==
Am 21.12.2011 20:08, schrieb Greg Ames:
On Tue, Dec 20, 2011 at 4:26 AM, William A. Rowe Jr.
wrote:
We should come to a conclusion on this.
How about this for 2.2.x ?
--- server/util.c (revision 1179624)
+++ server/util.c (working copy)
@@ -82,6 +82,8 @@
#define IS_SLASH(s)
Am 21.12.2011 23:28, schrieb Guenter Knauf:
Am 21.12.2011 20:08, schrieb Greg Ames:
On Tue, Dec 20, 2011 at 4:26 AM, William A. Rowe Jr.
wrote:
We should come to a conclusion on this.
How about this for 2.2.x ?
--- server/util.c (revision 1179624)
+++ server/util.c (working copy)
@@ -82,6 +
Am 21.12.2011 20:08, schrieb Greg Ames:
On Tue, Dec 20, 2011 at 4:26 AM, William A. Rowe Jr.
wrote:
We should come to a conclusion on this.
How about this for 2.2.x ?
--- server/util.c (revision 1179624)
+++ server/util.c (working copy)
@@ -82,6 +82,8 @@
#define IS_SLASH(s) (s
On Tue, Dec 20, 2011 at 4:26 AM, William A. Rowe Jr.
wrote:
> We should come to a conclusion on this.
How about this for 2.2.x ?
--- server/util.c (revision 1179624)
+++ server/util.c (working copy)
@@ -82,6 +82,8 @@
#define IS_SLASH(s) (s == '/')
#endif
+/* same as APR_SIZE_MAX w
; behaviour to 2.2.x.
>
> Regards
>
> Rüdiger
>
>> -Original Message-
>> From: Roman Drahtmueller [mailto:dr...@suse.de]
>> Sent: Dienstag, 15. November 2011 15:13
>> To: dev@httpd.apache.org
>> Subject: CVE-2011-3607, int overflow ap_pregsub()
>
bject: CVE-2011-3607, int overflow ap_pregsub()
>
> Hi there,
>
> Revision 1198940 attempts to fix an integer overflow in
> ap_pregsub() in
> server/util.c:394. The patch is:
>
> --- httpd/httpd/trunk/server/util.c 2011/11/07 21:09:41 1198939
> +++ httpd/httpd
Hi there,
Revision 1198940 attempts to fix an integer overflow in ap_pregsub() in
server/util.c:394. The patch is:
--- httpd/httpd/trunk/server/util.c 2011/11/07 21:09:41 1198939
+++ httpd/httpd/trunk/server/util.c 2011/11/07 21:13:40 1198940
@@ -411,6 +411,8 @@
len+