byterange: Range of '0-' returns 206
Submitted by: Jim Jagielski
Reviewed by: jim, rpluem, rjung, sf
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@
1177080 13f79535-47bb-0310-9956-
ffa450edef68
-*- coding: utf-8 -*-
Changes with Apache 2.2.22
-
+ *) Fix a regression introduced by the CVE-2011-3192 byterange fix in 2.2.20:
+ A range of '0-' returns a 206. PR 51878. [Jim Jagielski]
Changes with Apache 2.2.21
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
- * byterange: Range of '0-' returns 206.
- Trunk patch: http://svn.apache.org/viewvc?view=revision&revision=1175980
- http://svn.apache.org/viewvc?view=revision&revision=1175992
- 2.2.x patch: http://people.apache.org/~jim/patches/2.2-byterange0-.txt
- +1: jim, rpluem, rjung, sf
- sf says: please also mention PR 51878 in CHANGES
-
PATCHES PROPOSED TO BACKPORT FROM TRUNK:
[ New proposals should be added at the end of the list ]
}
else { /* "5-" */
end = clength - 1;
+ /*
+ * special case: 0-
+ * ignore all other ranges provided
+ * return as a single range: 0-
+ */
+ if (start == 0) {
+ apr_array_clear(*indexes);
+ idx = (indexes_t *)apr_array_push(*indexes);
+ idx->start = start;
+ idx->end = end;
+ sum_lengths = clength;
+ num_ranges = 1;
+ break;
+ }
}
}
/* If all ranges are unsatisfiable, we should return 416 */
return -1;
}
- if (sum_lengths >= clength) {
+ if (sum_lengths > clength) {
ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
- "Sum of ranges not smaller than file, ignoring.");
+ "Sum of ranges larger than file, ignoring.");
return 0;
}
projects / thirdparty / apache / httpd.git / commitdiff
