
[Fwd: FIX: Chunk fix for Apache 1.3.24 i386 .deb + source .dsc and .diff.gz available.]



Hi All!

Source and an i386 .deb are now up on:

http://people.debian.org/~grantma

MD5sums:
$ md5sum apache_1.3.24-3.0.anathoth.1*
2694e435fcc5a8197d4942d38a651b43  apache_1.3.24-3.0.anathoth.1.diff.gz
b84b0f106079ab7f66f40d135f5ed3f9  apache_1.3.24-3.0.anathoth.1.dsc
561f18885c58b8302d3039accea8e8bf  apache_1.3.24-3.0.anathoth.1_i386.changes
5b0cf3f2a12b36063c7c19c8adbc450a  apache_1.3.24-3.0.anathoth.1_i386.deb



Here is a rehashed version of the patch cert_vucert944335 chunk fix
patch used in apache_1.3.9-14.1 for potato which works for apache in
woody and sid. 

The only thing stopping it was a comment about EBCDIC! 

Got to go  - test this thing on s390 as well! 

Uploading .debs to fix apache chunk size stuff for i386 on woody and sid
NOW!  Source .dsc and .diff is there if others want to build for other
architectures. The i386 .deb works on my home system.

Did not know how to do NMU with new security system, or someone else can
look after it. Matthew? Steve?

Best Regards, 

Matthew Grant
-- 
===============================================================================
Matthew Grant	     /\	 ^/\^	grantma@anathoth.gen.nz      /~~~~\
A Linux Network Guy /~~\^/~~\_/~~~~~\_______/~~~~~~~~~~\____/******\
===GPG KeyID: 2EE20270  FingerPrint: 8C2535E1A11DF3EA5EA19125BA4E790E2EE20270==


--- build-tree/apache_1.3.24/src/main/http_protocol.c.cert_vucert944335	Fri Mar 22 02:49:46 2002
+++ build-tree/apache_1.3.24/src/main/http_protocol.c	Thu Jun 20 19:50:31 2002
@@ -2019,21 +2019,35 @@
 static long get_chunk_size(char *b)
 {
     long chunksize = 0;
+    long chunkbits = sizeof(long) * 8;
 
-    while (ap_isxdigit(*b)) {
+    /* Skip leading zeros */
+    while (*b == '0') {
+        ++b;
+    }
+
+    while (ap_isxdigit(*b) && (chunkbits > 0)) {
         int xvalue = 0;
 
 	/* This works even on EBCDIC. */
-        if (*b >= '0' && *b <= '9')
+        if (*b >= '0' && *b <= '9') {
             xvalue = *b - '0';
-        else if (*b >= 'A' && *b <= 'F')
+        }
+        else if (*b >= 'A' && *b <= 'F') {
             xvalue = *b - 'A' + 0xa;
-        else if (*b >= 'a' && *b <= 'f')
+        }
+        else if (*b >= 'a' && *b <= 'f') {
             xvalue = *b - 'a' + 0xa;
+        }
 
         chunksize = (chunksize << 4) | xvalue;
+        chunkbits -= 4;
         ++b;
     }
+    if (ap_isxdigit(*b) && (chunkbits <= 0)) {
+        /* overflow */
+        return -1;
+    }
 
     return chunksize;
 }
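Review bot: The bit budget set at "long chunkbits = sizeof(long) * 8;" includes the sign bit, so a size with exactly sizeof(long) * 2 significant hex digits and a leading digit of 8 through F finishes the loop without reaching the "return -1" overflow branch and leaves chunksize negative after "chunksize = (chunksize << 4) | xvalue;", which is also a left shift into the sign bit of a signed long. The function then returns an arbitrary negative number instead of -1, and the result is only safe if every caller tests for "< 0" rather than "== -1". Suggest budgeting sizeof(long) * 8 - 4 bits, or adding a check such as "if (chunksize < 0) return -1;" before the final return, and adding a comment above the function stating that -1 means the chunk size did not fit.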
@@ -2117,6 +2131,10 @@
                 return 0;
             }
             r->remaining = -1;  /* Indicate footers in-progress */
+        }
+        else if (len_to_read < 0) {
+            r->connection->keepalive = -1;
+            return -1;
         }
         else {
             r->remaining = len_to_read;
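Review bot: The new "else if (len_to_read < 0)" branch fails the request silently and without explanation: nothing is logged, and no comment says that a negative len_to_read means the chunk size was rejected (presumably the value returned by get_chunk_size(), though that assignment is outside the visible context) or why "r->connection->keepalive = -1;" is needed before the return. Suggest a short comment stating that the connection must not be reused because the request body framing can no longer be trusted, and an error-log entry so that rejected chunk sizes are visible to whoever operates the server. It is also worth confirming that leaving r->remaining untouched on this path is intended, since both neighbouring branches assign it.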
-- 
===============================================================================
Matthew Grant	     /\	 ^/\^	grantma@anathoth.gen.nz      /~~~~\
A Linux Network Guy /~~\^/~~\_/~~~~~\_______/~~~~~~~~~~\____/******\
===GPG KeyID: 2EE20270  FingerPrint: 8C2535E1A11DF3EA5EA19125BA4E790E2EE20270==

Attachment: signature.asc
Description: This is a digitally signed message part
