Hi there! Here is a rehashed version of the cert_vucert944335 chunk fix patch used in apache_1.3.9-14.1 for potato, which works for apache in woody and sid.
The only thing stopping it was a comment about EBCDIC! Got to go - test this thing on s390 as well! Uploading .debs to fix apache chunk size stuff for i386 on woody and sid NOW! Source .dsc and .diff is there if others want to build for other architectures. The i386 .deb works on my home system. Did not know how to do NMU with new security system, or someone else can look after it. Matthew? Steve? Best Regards, Matthew Grant -- =============================================================================== Matthew Grant /\ ^/\^ [EMAIL PROTECTED] /~~~~\ A Linux Network Guy /~~\^/~~\_/~~~~~\_______/~~~~~~~~~~\____/******\ ===GPG KeyID: 2EE20270 FingerPrint: 8C2535E1A11DF3EA5EA19125BA4E790E2EE20270==
--- build-tree/apache_1.3.24/src/main/http_protocol.c.cert_vucert944335 Fri Mar 22 02:49:46 2002
+++ build-tree/apache_1.3.24/src/main/http_protocol.c Thu Jun 20 19:50:31 2002
@@ -2019,21 +2019,35 @@
 static long get_chunk_size(char *b)
 {
 long chunksize = 0;
+ long chunkbits = sizeof(long) * 8;
- while (ap_isxdigit(*b)) {
+ /* Skip leading zeros */
+ while (*b == '0') {
+ ++b;
+ }
+
+ while (ap_isxdigit(*b) && (chunkbits > 0)) {
 int xvalue = 0;
 /* This works even on EBCDIC. */
- if (*b >= '0' && *b <= '9')
+ if (*b >= '0' && *b <= '9') {
 xvalue = *b - '0';
- else if (*b >= 'A' && *b <= 'F')
+ }
+ else if (*b >= 'A' && *b <= 'F') {
 xvalue = *b - 'A' + 0xa;
- else if (*b >= 'a' && *b <= 'f')
+ }
+ else if (*b >= 'a' && *b <= 'f') {
 xvalue = *b - 'a' + 0xa;
+ }
 chunksize = (chunksize << 4) | xvalue;
+ chunkbits -= 4;
 ++b;
 }
+ if (ap_isxdigit(*b) && (chunkbits <= 0)) {
+ /* overflow */
+ return -1;
+ }
 return chunksize;
 }
@@ -2117,6 +2131,10 @@
 return 0;
 }
 r->remaining = -1; /* Indicate footers in-progress */
+ }
+ else if (len_to_read < 0) {
+ r->connection->keepalive = -1;
+ return -1;
 }
 else {
 r->remaining = len_to_read;
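Review bot: get_chunk_size can still return a negative value other than -1, because `chunkbits` starts at `sizeof(long) * 8` and the loop therefore accepts a first significant hex digit whose high bit ends up in the sign bit of `chunksize` (a signed left shift into the sign bit is also undefined behaviour in C). As posted, the function is only safe if every caller treats any negative result as an error, which the second hunk does with `len_to_read < 0`. I would make that contract explicit inside the function by adding `if (chunksize < 0) return -1;` just before `return chunksize;`, and by putting a comment above the function stating that it returns -1 for a chunk size that does not fit in a non-negative long.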
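Review bot: The new `len_to_read < 0` branch drops the request silently, so a malformed or oversized chunk-size line leaves nothing in the error log for an operator to detect or correlate. Consider logging before the return, e.g. `ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "invalid chunk size in request body");`. A one-line comment on the keepalive assignment would also help, such as `/* bad chunk size: framing is lost, do not reuse this connection */`. The enclosing function starts and ends outside the hunk, so whether other call sites of get_chunk_size need the same negative check cannot be confirmed from here.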