Skip to content
GitLab
Find file BlameHistoryPermalink
  • Joe Orton's avatar
    Merge r1640036, r1640331 from trunk: · 55ad7eb6
    Joe Orton authored 
    mod_proxy_fcgi: SECURITY: CVE-2014-3583 (cve.mitre.org)
Fix a potential crash with response headers' size above 8K.

The code changes to mod_authnz_fcgi keep the handle_headers()
function in sync between the two modules.  mod_authnz_fcgi
does not have this issue because it allocated a separate byte
for terminating '\0'.

Submitted by: ylavic, trawick
Reviewed by: ylavic, trawick, mrumph


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1641551 13f79535-47bb-0310-9956-ffa450edef68
    55ad7eb6
To find the state of this project's repository at the time of any of these versions, check out the tags.