Hi All! Source and an i386 .deb are now up on: http://people.debian.org/~grantma MD5sums: $ md5sum apache_1.3.24-3.0.anathoth.1* 2694e435fcc5a8197d4942d38a651b43 apache_1.3.24-3.0.anathoth.1.diff.gz b84b0f106079ab7f66f40d135f5ed3f9 apache_1.3.24-3.0.anathoth.1.dsc 561f18885c58b8302d3039accea8e8bf apache_1.3.24-3.0.anathoth.1_i386.changes 5b0cf3f2a12b36063c7c19c8adbc450a apache_1.3.24-3.0.anathoth.1_i386.deb Here is a rehashed version of the patch cert_vucert944335 chunk fix patch used in apache_1.3.9-14.1 for potato which works for apache in woody and sid. The only thing stopping it was a comment about EBCDIC! Got to go - test this thing on s390 as well! Uploading .debs to fix apache chunk size stuff for i386 on woody and sid NOW! Source .dsc and .diff is there if others want to build for other architectures. The i386 .deb works on my home system. Did not know how to do NMU with new security system, or someone else can look after it. Matthew? Steve? Best Regards, Matthew Grant -- =============================================================================== Matthew Grant /\ ^/\^ grantma@anathoth.gen.nz /~~~~\ A Linux Network Guy /~~\^/~~\_/~~~~~\_______/~~~~~~~~~~\____/******\ ===GPG KeyID: 2EE20270 FingerPrint: 8C2535E1A11DF3EA5EA19125BA4E790E2EE20270==
--- build-tree/apache_1.3.24/src/main/http_protocol.c.cert_vucert944335 Fri Mar 22 02:49:46 2002 +++ build-tree/apache_1.3.24/src/main/http_protocol.c Thu Jun 20 19:50:31 2002 @@ -2019,21 +2019,35 @@ static long get_chunk_size(char *b) { long chunksize = 0; + long chunkbits = sizeof(long) * 8; - while (ap_isxdigit(*b)) { + /* Skip leading zeros */ + while (*b == '0') { + ++b; + } + + while (ap_isxdigit(*b) && (chunkbits > 0)) { int xvalue = 0; /* This works even on EBCDIC. */ - if (*b >= '0' && *b <= '9') + if (*b >= '0' && *b <= '9') { xvalue = *b - '0'; - else if (*b >= 'A' && *b <= 'F') + } + else if (*b >= 'A' && *b <= 'F') { xvalue = *b - 'A' + 0xa; - else if (*b >= 'a' && *b <= 'f') + } + else if (*b >= 'a' && *b <= 'f') { xvalue = *b - 'a' + 0xa; + } chunksize = (chunksize << 4) | xvalue; + chunkbits -= 4; ++b; } + if (ap_isxdigit(*b) && (chunkbits <= 0)) { + /* overflow */ + return -1; + } return chunksize; } @@ -2117,6 +2131,10 @@ return 0; } r->remaining = -1; /* Indicate footers in-progress */ + } + else if (len_to_read < 0) { + r->connection->keepalive = -1; + return -1; } else { r->remaining = len_to_read;
-- =============================================================================== Matthew Grant /\ ^/\^ grantma@anathoth.gen.nz /~~~~\ A Linux Network Guy /~~\^/~~\_/~~~~~\_______/~~~~~~~~~~\____/******\ ===GPG KeyID: 2EE20270 FingerPrint: 8C2535E1A11DF3EA5EA19125BA4E790E2EE20270== |
Attachment:
signature.asc
Description: This is a digitally signed message part
Attachment:
signature.asc
Description: This is a digitally signed message part