https://bz.apache.org/bugzilla/show_bug.cgi?id=68902
Bug ID: 68902
Summary: [PATCH] Fixed args parsing in htdbm.c
Product: Apache httpd-2
Version: 2.4.59
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: support
Assignee: bugs@httpd.apache.org
Reporter: vegorova@astralinux.ru
Target Milestone: ---
Created attachment 39669
--> https://bz.apache.org/bugzilla/attachment.cgi?id=39669&action=edit
Args parse fix in htdbm
An error was detected in the htdbm in processing arguments, which subsequently
causes SEGV (https://bz.apache.org/bugzilla/show_bug.cgi?id=66637 and
https://bz.apache.org/bugzilla/show_bug.cgi?id=66638).
Previously, arguments were processed this way:
1. The args_left value is initialized, which is responsible for the number of
remaining arguments after the flags (username, database, password, depending on
the flags, some of them are required or not)
2. When a certain flag appears, the value of args_left is decreased or
increased. In this case, incorrect processing is possible when the value was
decreased, although the flags were not processed correctly (for example, in the
case of the input string "-nx-B", first n and x will be processed as flags,
and then the loop will be exited. Since in the "case n" we decreased args_left
to 1, then only one argument is expected after the flag. After processing x, an
invalid character will be encountered - and processing of the flags in the loop
will be interrupted, so the entire input will be accepted as one whole
argument, but the value of args_left has already been changed).
The attached patch corrects this problem as follows: instead of changing the
value of args_left inside the loop, the value changes after it depending on the
command, and also transferred changes to the values of flags responsible for a
specific argument (for example, user_needed)
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
Bug ID: 68902
Summary: [PATCH] Fixed args parsing in htdbm.c
Product: Apache httpd-2
Version: 2.4.59
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: support
Assignee: bugs@httpd.apache.org
Reporter: vegorova@astralinux.ru
Target Milestone: ---
Created attachment 39669
--> https://bz.apache.org/bugzilla/attachment.cgi?id=39669&action=edit
Args parse fix in htdbm
An error was detected in the htdbm in processing arguments, which subsequently
causes SEGV (https://bz.apache.org/bugzilla/show_bug.cgi?id=66637 and
https://bz.apache.org/bugzilla/show_bug.cgi?id=66638).
Previously, arguments were processed this way:
1. The args_left value is initialized, which is responsible for the number of
remaining arguments after the flags (username, database, password, depending on
the flags, some of them are required or not)
2. When a certain flag appears, the value of args_left is decreased or
increased. In this case, incorrect processing is possible when the value was
decreased, although the flags were not processed correctly (for example, in the
case of the input string "-nx-B", first n and x will be processed as flags,
and then the loop will be exited. Since in the "case n" we decreased args_left
to 1, then only one argument is expected after the flag. After processing x, an
invalid character will be encountered - and processing of the flags in the loop
will be interrupted, so the entire input will be accepted as one whole
argument, but the value of args_left has already been changed).
The attached patch corrects this problem as follows: instead of changing the
value of args_left inside the loop, the value changes after it depending on the
command, and also transferred changes to the values of flags responsible for a
specific argument (for example, user_needed)
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org