[Pkg-apache-commits] r1388 - in /trunk/apache2: changelog patches/085_CVE-2011-3607
sf at alioth.debian.org
sf at alioth.debian.org
Thu Dec 29 10:54:09 UTC 2011
Author: sf
Date: Thu Dec 29 10:54:08 2011
New Revision: 1388
URL: http://svn.debian.org/wsvn/pkg-apache/?sc=1&rev=1388
Log:
Fix broken patch for CVE-2011-3607
Modified:
trunk/apache2/changelog
trunk/apache2/patches/085_CVE-2011-3607
Modified: trunk/apache2/changelog
URL: http://svn.debian.org/wsvn/pkg-apache/trunk/apache2/changelog?rev=1388&op=diff
==============================================================================
--- trunk/apache2/changelog (original)
+++ trunk/apache2/changelog Thu Dec 29 10:54:08 2011
@@ -35,6 +35,7 @@
[Stefan Fritsch]
+ * Security: Fix broken patch for CVE-2011-3607 (Integer overflow in ap_pregsub).
* Optimize debian/rules again to improve build time by doing most work in a
parallelized "build-and-install-%" target.
Modified: trunk/apache2/patches/085_CVE-2011-3607
URL: http://svn.debian.org/wsvn/pkg-apache/trunk/apache2/patches/085_CVE-2011-3607?rev=1388&op=diff
==============================================================================
--- trunk/apache2/patches/085_CVE-2011-3607 (original)
+++ trunk/apache2/patches/085_CVE-2011-3607 Thu Dec 29 10:54:08 2011
@@ -5,8 +5,10 @@
## DP: Fix integer overflow, based on upstream r1198940
@DPATCH@
---- a/server/util.c
-+++ b/server/util.c
+Index: trunk/server/util.c
+===================================================================
+--- trunk.orig/server/util.c 2011-12-29 11:48:52.208562162 +0100
++++ trunk/server/util.c 2011-12-29 11:50:13.204564281 +0100
@@ -366,7 +366,7 @@
char *dest, *dst;
char c;
@@ -21,7 +23,7 @@
}
else if (no < nmatch && pmatch[no].rm_so < pmatch[no].rm_eo) {
+ if (APR_SIZE_MAX - len <= pmatch[no].rm_eo - pmatch[no].rm_so)
-+ return APR_ENOMEM;
++ return NULL;
len += pmatch[no].rm_eo - pmatch[no].rm_so;
}
More information about the Pkg-apache-commits
mailing list