File 110-headerlimit.diff of Package tinyproxy
References: https://banu.com/bugzilla/show_bug.cgi?id=110
References: http://bugzilla.novell.com/776506
@@ -, +, @@ prevent DoS
---
src/reqs.c | 17 ++++++++++++++++-
1 file changed, 16 insertions(+), 1 deletion(-)
--- a/src/reqs.c
+++ a/src/reqs.c
@@ -611,12 +611,19 @@ add_header_to_connection (hashmap_t hashofheaders, char *header, size_t len)
}
/*
+ * define max number of headers.
+ * big enough to handle legitimate cases, but limited to avoid DoS
+ */
+#define MAX_HEADERS 10000
+
+/*
* Read all the headers from the stream
*/
static int get_all_headers (int fd, hashmap_t hashofheaders)
{
char *line = NULL;
char *header = NULL;
+ int count;
char *tmp;
ssize_t linelen;
ssize_t len = 0;
@@ -625,7 +632,7 @@ static int get_all_headers (int fd, hashmap_t hashofheaders)
assert (fd >= 0);
assert (hashofheaders != NULL);
- for (;;) {
+ for (count = 0; count < MAX_HEADERS; count++) {
if ((linelen = readline (fd, &line)) <= 0) {
safefree (header);
safefree (line);
@@ -691,6 +698,14 @@ static int get_all_headers (int fd, hashmap_t hashofheaders)
safefree (line);
}
+
+ /*
+ * if we get there, this is we reached MAX_HEADERS count
+ * bail out with error
+ */
+ safefree (header);
+ safefree (line);
+ return -1;
}
/*
--
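Review bot: The comment above `MAX_HEADERS` should state what is actually counted. The loop changed in the next hunk increments `count` once per `readline` call, so the cap applies to lines read (any continuation lines would count too), not to distinct header fields. It also limits only the number of lines; total header memory still depends on whatever per-line bound `readline` enforces, which this patch does not show and is worth confirming. Suggested wording: `/* Upper bound on header lines read per request; caps the line count only, not total header bytes. */`. The body of `get_all_headers` continues past the end of this hunk.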
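Review bot: The post-loop `safefree (line);` runs directly after the last iteration's own `safefree (line);` (the context line just above the loop's closing brace). It is therefore only safe if `safefree` resets the pointer to NULL; that definition is not visible here, so confirm it or drop the second call. The limit path also fails silently, and the caller presumably sees the same -1 as for a failed read. A log entry before `return -1;` would let operators spot a header flood, for example `log_message (LOG_WARNING, "Too many header lines (limit %d); rejecting request", MAX_HEADERS);`, assuming the project's usual logging helper is in scope in this file. The comment could read `/* Loop ended without returning: MAX_HEADERS lines were read, so reject the request. */`; the function body starts outside this hunk.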