]> git.ipfire.org Git - thirdparty/pdns.git/commit
projects / thirdparty / pdns.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9066747) | patch
YaHTTP: Prevent integer overflow on very large chunks 12992/head
authorRemi Gacogne <remi.gacogne@powerdns.com>
Wed, 8 Mar 2023 17:25:30 +0000 (18:25 +0100)
committerPeter van Dijk <peter.van.dijk@powerdns.com>
Thu, 6 Jul 2023 13:29:13 +0000 (15:29 +0200)
commitee93d69fc6ce66080279b9fa78b9fd5c61966f67
tree69468138efc888aa657c7228a0e25f2ba586f20ftree
parent90667475b967974504c0f884bbee7a5c4e5db2b2commit | diff
YaHTTP: Prevent integer overflow on very large chunks

If the chunk_size is very close to the maximum value of an integer,
we trigger an integer overflow when checking if we have a trailing
newline after the payload.
Reported by OSS-Fuzz as:
https://oss-fuzz.com/testcase-detail/6439610474692608
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56804

(cherry picked from commit b602982fc5b4fb9139dec591541e0c070ceb47f5)
ext/yahttp/yahttp/reqresp.cpp diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.