Posted to cvs@httpd.apache.org by rj...@apache.org on 2013/04/26 09:42:01 UTC

svn commit: r1476089 - in /httpd/httpd/branches/2.4.x: ./ CHANGES STATUS support/htdigest.c

Author: rjung
Date: Fri Apr 26 07:42:01 2013
New Revision: 1476089

URL: http://svn.apache.org/r1476089
Log:
htdigest: Fix buffer overflow when reading digest
password file with very long lines.

PR 54893.

Backport of r1475878 from trunk.

Proposed/Backported by: rjung
Reviewed by: humbedooh, covener

Modified:
    httpd/httpd/branches/2.4.x/   (props changed)
    httpd/httpd/branches/2.4.x/CHANGES
    httpd/httpd/branches/2.4.x/STATUS
    httpd/httpd/branches/2.4.x/support/htdigest.c

Propchange: httpd/httpd/branches/2.4.x/
------------------------------------------------------------------------------
  Merged /httpd/httpd/trunk:r1475878

Modified: httpd/httpd/branches/2.4.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?rev=1476089&r1=1476088&r2=1476089&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.4.x/CHANGES [utf-8] Fri Apr 26 07:42:01 2013
@@ -2,6 +2,9 @@
  
 Changes with Apache 2.4.5
 
+  *) htdigest: Fix buffer overflow when reading digest password file
+     with very long lines. PR 54893. [Rainer Jung]
+
   *) ap_expr: Add the ability to base64 encode and base64 decode
      strings and to generate their SHA1 hash.  [Graham Leggett]
 

Modified: httpd/httpd/branches/2.4.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/STATUS?rev=1476089&r1=1476088&r2=1476089&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/STATUS (original)
+++ httpd/httpd/branches/2.4.x/STATUS Fri Apr 26 07:42:01 2013
@@ -95,12 +95,6 @@ PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
       2.4.x patch: trunk patches work
       +1: sf, humbedooh, covener
 
-    * htdigest: Fix buffer overflow when reading digest
-      password file with very long lines. PR 54893.
-      trunk patches: https://svn.apache.org/r1475878
-      2.4.x patch: trunk patches work
-      +1: rjung, humbedooh, covener
-
 
 PATCHES PROPOSED TO BACKPORT FROM TRUNK:
   [ New proposals should be added at the end of the list ]

Modified: httpd/httpd/branches/2.4.x/support/htdigest.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/support/htdigest.c?rev=1476089&r1=1476088&r2=1476089&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/support/htdigest.c (original)
+++ httpd/httpd/branches/2.4.x/support/htdigest.c Fri Apr 26 07:42:01 2013
@@ -96,12 +96,15 @@ static int get_line(char *s, int n, apr_
     char ch;
     apr_status_t rv = APR_EINVAL;
 
-    while (i < (n - 1) &&
+    /* we need 2 remaining bytes in buffer */
+    while (i < (n - 2) &&
            ((rv = apr_file_getc(&ch, f)) == APR_SUCCESS) && (ch != '\n')) {
         s[i++] = ch;
     }
+    /* First remaining byte potentially used here */
     if (ch == '\n')
         s[i++] = ch;
+    /* Second remaining byte used here */
     s[i] = '\0';
 
     if (rv != APR_SUCCESS)
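
Review bot: `if (ch == '\n')` after the loop can read `ch` before anything has been assigned to it, because `char ch;` has no initializer. If the first `apr_file_getc` call fails, `ch` is tested although nothing visible in this hunk shows it was written. If `n` is 2 or less, `i < (n - 2)` short-circuits and `apr_file_getc` never runs at all. Suggest initializing it (`char ch = '\0';`) or guarding the test as `if (rv == APR_SUCCESS && ch == '\n')`. A second point on the new comments: assuming `i` starts at 0, the newline is stored only when the loop ended on `'\n'`, so `i` was still below the bound at that moment. When the loop ends on the bound instead, `ch` is the last stored character and cannot be `'\n'`. From these lines alone, the old `n - 1` bound already kept both writes inside an `n`-byte buffer, and with `n - 2` the byte at index `n - 1` is never written. It would help if the comment or the log said which write overflowed for PR 54893, and whether the caller's handling of a line truncated at the bound (the remainder is returned as the next line) is what needs hardening.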