[OE-core] [denzil 16/18] lighttpd: fixing invalid read in valgrind
Mark Hatle
mark.hatle at windriver.com
Thu Feb 7 23:56:43 UTC 2013
From: Li Wang <li.wang at windriver.com>
[ CQID: WIND00393362 ]
Fix handling of empty header list entries in http_request_split_value,
fixing invalid read in valgrind (fixes #2413)
http://redmine.lighttpd.net/issues/2413
http://redmine.lighttpd.net/projects/lighttpd/repository/revisions/2830
Signed-off-by: Li Wang <li.wang at windriver.com>
Signed-off-by: Robert Yang <liezhi.yang at windriver.com>
Signed-off-by: Mark Hatle <mark.hatle at windriver.com>
---
.../lighttpd-fixing-invalid-read-in-valgrind.patch | 33 ++++++++++++++++++++++
meta/recipes-extended/lighttpd/lighttpd_1.4.30.bb | 3 +-
2 files changed, 35 insertions(+), 1 deletion(-)
create mode 100644 meta/recipes-extended/lighttpd/files/lighttpd-fixing-invalid-read-in-valgrind.patch
diff --git a/meta/recipes-extended/lighttpd/files/lighttpd-fixing-invalid-read-in-valgrind.patch b/meta/recipes-extended/lighttpd/files/lighttpd-fixing-invalid-read-in-valgrind.patch
new file mode 100644
index 0000000..9c2e574
--- /dev/null
+++ b/meta/recipes-extended/lighttpd/files/lighttpd-fixing-invalid-read-in-valgrind.patch
@@ -0,0 +1,33 @@
+lighttpd: fixing invalid read in valgrind
+
+Fix handling of empty header list entries in http_request_split_value,
+fixing invalid read in valgrind (fixes #2413)
+
+http://redmine.lighttpd.net/issues/2413
+http://redmine.lighttpd.net/projects/lighttpd/repository/revisions/2830
+
+Signed-off-by: Li Wang <li.wang at windriver.com>
+---
+ src/request.c | 4 +++-
+ 1 files changed, 3 insertions(+), 1 deletions(-)
+
+diff --git a/src/request.c b/src/request.c
+index a48bf48..e76a98f 100644
+--- a/src/request.c
++++ b/src/request.c
+@@ -241,9 +241,11 @@ static int http_request_split_value(array *vals, buffer *b) {
+ start = s;
+
+ for (; *s != ',' && i < b->used - 1; i++, s++);
++ if (start == s) break; /* empty fields are skipped */
+ end = s - 1;
+
+- for (; (*end == ' ' || *end == '\t') && end > start; end--);
++ for (; end > start && (*end == ' ' || *end == '\t'); end--);
++ if (start == end) break; /* empty fields are skipped */
+
+ if (NULL == (ds = (data_string *)array_get_unused_element(vals, TYPE_STRING))) {
+ ds = data_string_init();
+--
+1.7.0.5
+
diff --git a/meta/recipes-extended/lighttpd/lighttpd_1.4.30.bb b/meta/recipes-extended/lighttpd/lighttpd_1.4.30.bb
index 3ae3867..c4008af 100644
--- a/meta/recipes-extended/lighttpd/lighttpd_1.4.30.bb
+++ b/meta/recipes-extended/lighttpd/lighttpd_1.4.30.bb
@@ -16,12 +16,13 @@ RDEPENDS_${PN} += " \
lighttpd-module-staticfile \
"
-PR = "r0"
+PR = "r1"
SRC_URI = "http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-${PV}.tar.bz2 \
file://index.html.lighttpd \
file://lighttpd.conf \
file://lighttpd \
+ file://lighttpd-fixing-invalid-read-in-valgrind.patch \
"
SRC_URI[md5sum] = "63f9df52dcae0ab5689a95c99c54e48a"
--
1.8.1.2.545.g2f19ada
More information about the Openembedded-core
mailing list