Skip to content
Commit 55ad7eb6 authored by Joe Orton's avatar Joe Orton
Browse files

Merge r1640036, r1640331 from trunk:

mod_proxy_fcgi: SECURITY: CVE-2014-3583 (cve.mitre.org)
Fix a potential crash with response headers' size above 8K.

The code changes to mod_authnz_fcgi keep the handle_headers()
function in sync between the two modules.  mod_authnz_fcgi
does not have this issue because it allocated a separate byte
for terminating '\0'.

Submitted by: ylavic, trawick
Reviewed by: ylavic, trawick, mrumph


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1641551 13f79535-47bb-0310-9956-ffa450edef68
parent 0975a21a
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment