Posted to cvs@httpd.apache.org by co...@apache.org on 2017/06/19 17:04:13 UTC
svn commit: r1799235 - in /httpd/httpd/branches/2.2.x: CHANGES STATUS modules/http/mod_mime.c
Author: covener
Date: Mon Jun 19 17:04:13 2017
New Revision: 1799235
URL: http://svn.apache.org/viewvc?rev=1799235&view=rev
Log:
Merge r1797550 from trunk:
mod_mime: fix quoted pair scanning
Submitted By: ylavic
Modified:
httpd/httpd/branches/2.2.x/CHANGES
httpd/httpd/branches/2.2.x/STATUS
httpd/httpd/branches/2.2.x/modules/http/mod_mime.c
Modified: httpd/httpd/branches/2.2.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?rev=1799235&r1=1799234&r2=1799235&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.2.x/CHANGES [utf-8] Mon Jun 19 17:04:13 2017
@@ -18,6 +18,10 @@ Changes with Apache 2.2.33
authentication phase may lead to authentication requirements being
bypassed.
[Emmanuel Dreyfus <manu netbsd.org>, Jacob Champion, Eric Covener]
+
+ *) SECURITY: CVE-2017-7679 (cve.mitre.org)
+ mod_mime can read one byte past the end of a buffer when sending a
+ malicious Content-Type response header. [Yann Ylavic]
*) Fix HttpProtocolOptions to inherit from global to VirtualHost scope.
[Joe Orton]
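Review bot: the new CVE-2017-7679 entry states the impact but not where the defect lives, so it is hard to match to this commit's log message ("fix quoted pair scanning") or to the STATUS item "mod_mime: Fix scanning of quoted-pairs" that the same commit closes. Consider naming quoted-pair scanning of the Content-Type value in the entry, so a reader working from CHANGES alone can connect the CVE to the mod_mime.c change.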
Modified: httpd/httpd/branches/2.2.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/STATUS?rev=1799235&r1=1799234&r2=1799235&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/STATUS (original)
+++ httpd/httpd/branches/2.2.x/STATUS Mon Jun 19 17:04:13 2017
@@ -104,11 +104,6 @@ RELEASE SHOWSTOPPERS:
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
- *) mod_mime: Fix scanning of quoted-pairs.
- trunk patch: http://svn.apache.org/r1797550
- 2.4.x patch: svn merge -c 1797550 ^/httpd/httpd/trunk .
- +1: covener, ylavic, wrowe
-
PATCHES PROPOSED TO BACKPORT FROM TRUNK:
[ New proposals should be added at the end of the list ]
Modified: httpd/httpd/branches/2.2.x/modules/http/mod_mime.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/http/mod_mime.c?rev=1799235&r1=1799234&r2=1799235&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/modules/http/mod_mime.c (original)
+++ httpd/httpd/branches/2.2.x/modules/http/mod_mime.c Mon Jun 19 17:04:13 2017
@@ -528,9 +528,9 @@ static int is_quoted_pair(const char *s)
int res = -1;
int c;
- if (((s + 1) != NULL) && (*s == '\\')) {
+ if (*s == '\\') {
c = (int) *(s + 1);
- if (apr_isascii(c)) {
+ if (c && apr_isascii(c)) {
res = 1;
}
}
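Review bot: the `c &&` test added in front of `apr_isascii(c)` in is_quoted_pair() is the whole fix, yet nothing in the function says why NUL is excluded, so it deserves a comment. `apr_isascii()` accepts 0, so before this change a backslash as the last character of the string made the function return 1; a caller that skips both bytes of a reported quoted pair would then step over the terminator, which is consistent with the one-byte over-read described in the CHANGES entry. Suggest a one-line comment above the test saying that a backslash followed by NUL is not a quoted pair. Dropping `(s + 1) != NULL` is correct, since it cannot be false for a valid `s`; the function still dereferences `*s` unchecked, so the non-NULL precondition on `s` is worth stating in the function's header comment.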