vlc/vlc-1.1 | branch: master | Pierre Ynard <[email protected]> | Sat Dec 11 00:41:08 2010 +0100| [fc4d9d93f3692f562ffb030f8ff1292b9bbbf7c8] | committer: Pierre Ynard
httpd: fix parsing of request body This caused genuine bugs like mangled bodies and corrupted requests (usually leading to 501 errors), and possibly leaks of memory buffer of the size of the Content-Length parameter. This is pretty bad since crafted requests could easily exhaust the memory and/or trigger a crash. Apart from the contents of the buffer of the involved request, there doesn't seem to be any possible memory corruption. (cherry picked from commit 8fae1e140a0bfc80666c41ce55255000c1fad440) Signed-off-by: Pierre Ynard <[email protected]> > http://git.videolan.org/gitweb.cgi/vlc/vlc-1.1.git/?a=commit;h=fc4d9d93f3692f562ffb030f8ff1292b9bbbf7c8 --- src/network/httpd.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/src/network/httpd.c b/src/network/httpd.c index 5d1bbaa..3eaa8c5 100644 --- a/src/network/httpd.c +++ b/src/network/httpd.c @@ -1834,6 +1834,7 @@ static void httpd_ClientRecv( httpd_client_t *cl ) * mark the end of the body (probably only RTSP) */ cl->query.p_body = xmalloc( cl->query.i_body ); cl->i_buffer = 0; + break; } else { _______________________________________________ vlc-commits mailing list [email protected] http://mailman.videolan.org/listinfo/vlc-commits
