rpms / squid

Clone
Source Code
GIT

Blame SOURCES/squid-3.5.20-CVE-2020-24606.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-4 c8-stream-4 c8s-stream-4 c9 c9-beta
  1.   76e17699899d32c09dad754a6e47ab99e7fb0d62
  2.   SOURCES
  3.   squid-3.5.20-CVE-2020-24606.patch
Blob History Raw
07d5a6 
diff --git a/src/peer_digest.cc b/src/peer_digest.cc
07d5a6 
index 1b81fe7..25a18e0 100644
07d5a6 
--- a/src/peer_digest.cc
07d5a6 
+++ b/src/peer_digest.cc
07d5a6 
@@ -469,6 +469,15 @@ peerDigestHandleReply(void *data, StoreIOBuffer receivedData)
07d5a6
07d5a6 
     } while (cbdataReferenceValid(fetch) && prevstate != fetch->state && fetch->bufofs > 0);
07d5a6
07d5a6 
+    // Check for EOF here, thus giving the parser one extra run. We could avoid this overhead by
07d5a6 
+    // checking at the beginning of this function. However, in this case, we would have to require
07d5a6 
+    // that the parser does not regard EOF as a special condition (it is true now but may change
07d5a6 
+    // in the future).
07d5a6 
+    if (!receivedData.length) { // EOF
07d5a6 
+        peerDigestFetchAbort(fetch, fetch->buf, "premature end of digest reply");
07d5a6 
+        return;
07d5a6 
+    }
07d5a6 
+
07d5a6 
     /* Update the copy offset */
07d5a6 
     fetch->offset += receivedData.length;
07d5a6

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation