Posted to cvs@httpd.apache.org by Roy Fielding <fi...@hyperreal.com> on 1997/03/07 15:43:55 UTC

cvs commit: apache/src CHANGES http_protocol.c

fielding    97/03/07 06:43:54

  Modified:    src       CHANGES http_protocol.c
  Log:
  Log an error message if we get a request header that is too long,
  since it may indicate a buffer overflow attack.
  
  Submitted by: Marc Slemko
  Reviewed by: Roy Fielding, Chuck Murcko, Dean Gaudet, Jim Jagielski
  
  Revision  Changes    Path
  1.189     +3 -0      apache/src/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /export/home/cvs/apache/src/CHANGES,v
  retrieving revision 1.188
  retrieving revision 1.189
  diff -C3 -r1.188 -r1.189
  *** CHANGES	1997/03/07 14:35:46	1.188
  --- CHANGES	1997/03/07 14:43:52	1.189
  ***************
  *** 1,5 ****
  --- 1,8 ----
    Changes with Apache 1.2b8
    
  +   *) Log an error message if we get a request header that is too long,
  +      since it may indicate a buffer overflow attack. [Marc Slemko]
  + 
      *) Made is_url() allow "[-.+a-zA-Z0-9]+:" as a valid scheme and
         not reject URLs without a double-slash, as per RFC2068 section 3.2.
         [Ken Coar] PR #146, #187
  
  
  
  1.107     +4 -1      apache/src/http_protocol.c
  
  Index: http_protocol.c
  ===================================================================
  RCS file: /export/home/cvs/apache/src/http_protocol.c,v
  retrieving revision 1.106
  retrieving revision 1.107
  diff -C3 -r1.106 -r1.107
  *** http_protocol.c	1997/03/07 12:00:31	1.106
  --- http_protocol.c	1997/03/07 14:43:52	1.107
  ***************
  *** 590,597 ****
    	}
        }
        bsetflag( conn->client, B_SAFEREAD, 0 );
  !     if (len == (HUGE_STRING_LEN - 1))
            return 0;               /* Should be a 414 error status instead */
    
        r->request_time = time(NULL);
        r->the_request = pstrdup (r->pool, l);
  --- 590,600 ----
    	}
        }
        bsetflag( conn->client, B_SAFEREAD, 0 );
  !     if (len == (HUGE_STRING_LEN - 1)) {
  !         log_printf(r->server, "request failed for %s, reason: header too long",
  !             get_remote_host(r->connection, r->per_dir_config, REMOTE_NAME));
            return 0;               /* Should be a 414 error status instead */
  +     }
    
        r->request_time = time(NULL);
        r->the_request = pstrdup (r->pool, l);
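Review bot: The added log_printf call identifies the client only through get_remote_host(..., REMOTE_NAME), so the log entry for a suspected overflow attempt may hold a reverse-DNS name chosen by whoever controls the client's PTR record, with no numeric address to correlate against. If the connection record exposes the peer address (remote_ip in conn_rec, to be confirmed against this revision), log both: `log_printf(r->server, "request failed for %s (%s), reason: header too long", get_remote_host(r->connection, r->per_dir_config, REMOTE_NAME), r->connection->remote_ip);`. The message also says "header", while the check sits just before `r->the_request` is set and so appears to guard the request line; "request line too long" would point an operator at the right input. The enclosing function starts and ends outside the hunk, so how `len` and `l` are filled is not visible here.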