CHANGES · 83f5a29060001bd407e243b4a19181bc0fe1b3d4 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP Apache Httpd · GitLab

Merge r1575400 from trunk: · 83f5a290

Jim Jagielski authored Mar 10, 2014

CVE-2014-0098 (reported by Rainer Canavan <rainer-apache 7val com>)
Segfaults w/ truncated cookie logging.

Clean up the cookie logging parser to recognize only the cookie=value pairs,
not valueless cookies.  This refactors multiple passes over the same string
buffer into a single pass parser.

Submitted by: wrowe
Reviewed by: rpluem, jim 


Submitted by: wrowe
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1575904 13f79535-47bb-0310-9956-ffa450edef68

83f5a290

To find the state of this project's repository at the time of any of these versions, check out the tags.