Browse Source

added some extra protection to make sure key-len and val-len don't

overrun


git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@1984 152afb58-edef-0310-8abb-c4023f1b3aa9
svn/tags/lighttpd-1.4.18
Jan Kneschke 15 years ago
parent
commit
eaed2f1e50
  1. 8
      src/mod_fastcgi.c

8
src/mod_fastcgi.c

@ -1578,6 +1578,14 @@ static int fcgi_env_add(buffer *env, const char *key, size_t key_len, const char
return -1;
}
/**
* field length can be 31bit max
*
* HINT: this can't happen as FCGI_MAX_LENGTH is only 16bit
*/
if (key_len > 0x7fffffff) key_len = 0x7fffffff;
if (val_len > 0x7fffffff) val_len = 0x7fffffff;
buffer_prepare_append(env, len);
if (key_len > 127) {

Loading…
Cancel
Save