Commit 0b97b9f7 authored by Eric Covener's avatar Eric Covener
Browse files

Merge r1797550 from trunk: 

mod_mime: fix quoted pair scanning


Submitted By: ylavic




git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1799235 13f79535-47bb-0310-9956-ffa450edef68
parent 7103baa2

CHANGES

+4 −0
Original line number Diff line number Diff line
@@ -19,6 +19,10 @@ Changes with Apache 2.2.33 
     bypassed.

     [Emmanuel Dreyfus <manu netbsd.org>, Jacob Champion, Eric Covener]



  *) SECURITY: CVE-2017-7679 (cve.mitre.org)

     mod_mime can read one byte past the end of a buffer when sending a

     malicious Content-Type response header.  [Yann Ylavic]

  

  *) Fix HttpProtocolOptions to inherit from global to VirtualHost scope.

     [Joe Orton]

STATUS

+0 −5
Original line number Diff line number Diff line
@@ -104,11 +104,6 @@ RELEASE SHOWSTOPPERS: 
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:

  [ start all new proposals below, under PATCHES PROPOSED. ]



   *) mod_mime: Fix scanning of quoted-pairs.

      trunk patch: http://svn.apache.org/r1797550

      2.4.x patch: svn merge -c 1797550 ^/httpd/httpd/trunk .

      +1: covener, ylavic, wrowe





PATCHES PROPOSED TO BACKPORT FROM TRUNK:

  [ New proposals should be added at the end of the list ]

modules/http/mod_mime.c

+2 −2
Original line number Diff line number Diff line
@@ -528,9 +528,9 @@ static int is_quoted_pair(const char *s) 
    int res = -1;

    int c;



    if (((s + 1) != NULL) && (*s == '\\')) {

    if (*s == '\\') {

        c = (int) *(s + 1);

        if (apr_isascii(c)) {

        if (c && apr_isascii(c)) {

            res = 1;

        }

    }