git.ipfire.org Git - thirdparty/apache/httpd.git/commit

author	Joe Orton <jorton@apache.org>
	Mon, 14 Jul 2014 19:55:04 +0000 (19:55 +0000)
committer	Joe Orton <jorton@apache.org>
	Mon, 14 Jul 2014 19:55:04 +0000 (19:55 +0000)
commit	4bbf0508ea33b0a295f49e11810f6c6d13ba7b47
tree	61d911dc578ba86c5b049a1444e7767bb7bd0670	tree
parent	b4398f748c08f3355cfc786b1eecdd6490e91fe5	commit \| diff

Merge 1610491 from trunk:

SECURITY (CVE-2014-0226): Fix a race condition in scoreboard handling,
which could lead to a heap buffer overflow. Thanks to Marek Kroemeke
working with HP's Zero Day Initiative for reporting this.

* include/scoreboard.h: Add ap_copy_scoreboard_worker.

* server/scoreboard.c (ap_copy_scoreboard_worker): New function.

* modules/generators/mod_status.c (status_handler): Use it.

* modules/lua/lua_request.c (lua_ap_scoreboard_worker): Likewise.

Reviewed by: trawick, jorton, covener, jim
Submitted by: jorton, covener

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610499 13f79535-47bb-0310-9956-ffa450edef68

CHANGES		diff \| blob \| blame \| history
include/ap_mmn.h		diff \| blob \| blame \| history
include/scoreboard.h		diff \| blob \| blame \| history
modules/generators/mod_status.c		diff \| blob \| blame \| history
modules/lua/lua_request.c		diff \| blob \| blame \| history
server/scoreboard.c		diff \| blob \| blame \| history