Blame SOURCES/mod_security-2.7.3-fix-mem-leak-and-cve-2013-2765.patch

cb7d8a
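--- a/apache2/msc_reqbody.c
+++ b/apache2/msc_reqbody.c
@@ -170,6 +170,7 @@
 
     /* Would storing this chunk mean going over the limit? */
     if ((msr->msc_reqbody_spilltodisk)
+        && (msr->txcfg->reqbody_buffering != REQUEST_BODY_FORCEBUF_ON)
         && (msr->msc_reqbody_length + length > (apr_size_t)msr->txcfg->reqbody_inmemory_limit))
     {
         msc_data_chunk **chunks;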
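Review bot: The comment above the `if` no longer matches the condition: with the added `reqbody_buffering != REQUEST_BODY_FORCEBUF_ON` clause, a forced-buffering transaction never enters the spill-to-disk branch, so `reqbody_inmemory_limit` stops bounding the in-memory body on that path. Whatever cap still applies is not visible in this hunk, and the function continues past it, so it is worth confirming that an overall request-body limit is enforced before the chunk is stored in memory. I would extend the comment to something like `/* Spill only when buffering is not forced; a forced-buffer body stays in memory and relies on the overall body limit. */`.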
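--- a/apache2/re_operators.c
+++ b/apache2/re_operators.c
@@ -369,7 +369,7 @@
 /* rsub */
 
 static char *param_remove_escape(msre_rule *rule, char *str, int len)  {
-    char *parm = apr_palloc(rule->ruleset->mp, len);
+    char *parm = apr_pcalloc(rule->ruleset->mp, len);
     char *ret = parm;
 
     for(;*str!='\0';str++)    {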
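Review bot: Zero-filling the buffer with `apr_pcalloc` only guarantees a terminated result while the copy writes fewer than `len` bytes, and the loop visible here stops on the NUL in `str`, not on `len`. `len` is also a signed `int` handed straight to the allocator, so a zero or negative value is not rejected at this point. The loop body lies outside the hunk, so whether `parm` is bounded or explicitly terminated there cannot be seen from here. At minimum the contract deserves a comment on the function such as `/* len must be at least strlen(str) + 1; the returned string is NUL-terminated */`, and the callers should be checked against it.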