]> git.ipfire.org Git - thirdparty/pdns.git/commit
projects / thirdparty / pdns.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 24735ef) | patch
YaHTTP: Prevent integer overflow on very large chunks 13127/head
authorRemi Gacogne <remi.gacogne@powerdns.com>
Wed, 8 Mar 2023 17:25:30 +0000 (18:25 +0100)
committerRemi Gacogne <remi.gacogne@powerdns.com>
Mon, 14 Aug 2023 14:30:18 +0000 (16:30 +0200)
commite949aeffe5c323e14f0cf1483e1b99c46ded5108
tree299665a2c0d773a6b55d01416b4f5e379bad7faetree
parent24735efc3554ec5dd37b61afebff93fef2b3762bcommit | diff
YaHTTP: Prevent integer overflow on very large chunks

If the chunk_size is very close to the maximum value of an integer,
we trigger an integer overflow when checking if we have a trailing
newline after the payload.
Reported by OSS-Fuzz as:
https://oss-fuzz.com/testcase-detail/6439610474692608
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56804

(cherry picked from commit b602982fc5b4fb9139dec591541e0c070ceb47f5)
ext/yahttp/yahttp/reqresp.cpp diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.