about summary refs log tree commit diff
path: root/cgit.css
diff options
context:
space:
mode:
authorJason A. Donenfeld <Jason@zx2c4.com>2015-11-24 11:28:00 +0100
committerJason A. Donenfeld <Jason@zx2c4.com>2015-11-24 11:31:43 +0100
commit4458abf64172a62b92810c2293450106e6dfc763 (patch)
tree92a3f3587e85c11c77d11769a45d55ddb2fd81a6 /cgit.css
parentabout-formatting.sh: comment text out of date (diff)
downloadcgit-pink-4458abf64172a62b92810c2293450106e6dfc763.tar.gz
cgit-pink-4458abf64172a62b92810c2293450106e6dfc763.zip
filter: avoid integer overflow in authenticate_post
ctx.env.content_length is an unsigned int, coming from the
CONTENT_LENGTH environment variable, which is parsed by strtoul. The
HTTP/1.1 spec says that "any Content-Length greater than or equal to
zero is a valid value." By storing this into an int, we potentially
overflow it, resulting in the following bounding check failing, leading
to a buffer overflow.

Reported-by: Erik Cabetas <Erik@cabetas.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'cgit.css')
0 files changed, 0 insertions, 0 deletions
 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2025-02-18 09:52:18 +0000


 


L 3.3.2June McEnroe


2021-03-05Bump version to 3.3.1p1 3.3.1p1June McEnroe


2021-03-05build: Add OpenSSL includes to libcompatJune McEnroe

Some compat sources (getentropy_linux.c for example) require OpenSSL.

Reported by Robert Scheck.



2020-12-15Import LibreSSL 3.3.1June McEnroe


2020-11-24Import LibreSSL 3.3.0June McEnroe


2020-10-22Import LibreSSL 3.2.2June McEnroe


2020-09-29Import LibreSSL 3.2.1June McEnroe


2020-09-29import: Add m4/ax_add_fortify_source.m4June McEnroe


2020-08-05build: Add README.7 to EXTRA_DIST 3.2.0June McEnroe


2020-08-03doc: Indicate that only OpenSSL 1.1.1b and newer workJune McEnroe