Posted to cvs@httpd.apache.org by Roy Fielding <fi...@hyperreal.com> on 1997/03/07 15:43:55 UTC
cvs commit: apache/src CHANGES http_protocol.c
fielding 97/03/07 06:43:54
Modified: src CHANGES http_protocol.c
Log:
Log an error message if we get a request header that is too long,
since it may indicate a buffer overflow attack.
Submitted by: Marc Slemko
Reviewed by: Roy Fielding, Chuck Murcko, Dean Gaudet, Jim Jagielski
Revision Changes Path
1.189 +3 -0 apache/src/CHANGES
Index: CHANGES
===================================================================
RCS file: /export/home/cvs/apache/src/CHANGES,v
retrieving revision 1.188
retrieving revision 1.189
diff -C3 -r1.188 -r1.189
*** CHANGES 1997/03/07 14:35:46 1.188
--- CHANGES 1997/03/07 14:43:52 1.189
***************
*** 1,5 ****
--- 1,8 ----
Changes with Apache 1.2b8
+ *) Log an error message if we get a request header that is too long,
+ since it may indicate a buffer overflow attack. [Marc Slemko]
+
*) Made is_url() allow "[-.+a-zA-Z0-9]+:" as a valid scheme and
not reject URLs without a double-slash, as per RFC2068 section 3.2.
[Ken Coar] PR #146, #187
1.107 +4 -1 apache/src/http_protocol.c
Index: http_protocol.c
===================================================================
RCS file: /export/home/cvs/apache/src/http_protocol.c,v
retrieving revision 1.106
retrieving revision 1.107
diff -C3 -r1.106 -r1.107
*** http_protocol.c 1997/03/07 12:00:31 1.106
--- http_protocol.c 1997/03/07 14:43:52 1.107
***************
*** 590,597 ****
}
}
bsetflag( conn->client, B_SAFEREAD, 0 );
! if (len == (HUGE_STRING_LEN - 1))
return 0; /* Should be a 414 error status instead */
r->request_time = time(NULL);
r->the_request = pstrdup (r->pool, l);
--- 590,600 ----
}
}
bsetflag( conn->client, B_SAFEREAD, 0 );
! if (len == (HUGE_STRING_LEN - 1)) {
! log_printf(r->server, "request failed for %s, reason: header too long",
! get_remote_host(r->connection, r->per_dir_config, REMOTE_NAME));
return 0; /* Should be a 414 error status instead */
+ }
r->request_time = time(NULL);
r->the_request = pstrdup (r->pool, l);
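Review bot: The new log_printf() call identifies the client only through get_remote_host(..., REMOTE_NAME), which can return a reverse-DNS name that the remote party's own DNS controls, so a log entry meant to flag a possible overflow attempt may not carry a trustworthy address. Log the peer address as well, for example `"request failed for %s (%s), reason: header too long"` with `conn->remote_ip` as the extra argument. It is also worth confirming that r->per_dir_config is already initialised when this path runs, because the call passes it to get_remote_host() and the enclosing function starts outside the hunk. The adjacent comment points at a 414 status, so if this code reads the request line rather than a header field, the message should say "request line too long" to keep log searches accurate.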