rpms / httpd24-httpd

Clone
Source Code
GIT

Blame SOURCES/httpd-2.4.34-CVE-2022-26377.patch

c7
  1.   c7
  2.   SOURCES
  3.   httpd-2.4.34-CVE-2022-26377.patch
Blob History Raw
879b17 
diff --git a/modules/proxy/mod_proxy_ajp.c b/modules/proxy/mod_proxy_ajp.c
879b17 
index c3f5e5c..eb550e5 100644
879b17 
--- a/modules/proxy/mod_proxy_ajp.c
879b17 
+++ b/modules/proxy/mod_proxy_ajp.c
879b17 
@@ -249,9 +249,18 @@ static int ap_proxy_ajp_request(apr_pool_t *p, request_rec *r,
879b17 
     /* read the first bloc of data */
879b17 
     input_brigade = apr_brigade_create(p, r->connection->bucket_alloc);
879b17 
     tenc = apr_table_get(r->headers_in, "Transfer-Encoding");
879b17 
-    if (tenc && (strcasecmp(tenc, "chunked") == 0)) {
879b17 
-        /* The AJP protocol does not want body data yet */
879b17 
-        ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(00870) "request is chunked");
879b17 
+    if (tenc) {
879b17 
+        if (ap_cstr_casecmp(tenc, "chunked") == 0) {
879b17 
+            /* The AJP protocol does not want body data yet */
879b17 
+            ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(00870)
879b17 
+                          "request is chunked");
879b17 
+        }
879b17 
+        else {
879b17 
+            ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10396)
879b17 
+                          "%s Transfer-Encoding is not supported",
879b17 
+                          tenc);
879b17 
+            return HTTP_INTERNAL_SERVER_ERROR;
879b17 
+        }
879b17 
     } else {
879b17 
         /* Get client provided Content-Length header */
879b17 
         content_length = get_content_length(r);

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation