From: Jim Jagielski <jim@apache.org>
Date: Tue, 9 Jul 2002 15:26:26 +0000 (+0000)
Subject: Don't allow a negative value to sneak through
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b742d152cc9fa6aa5cbc7d53d8bcbae7f6e7960b;p=thirdparty%2Fapache%2Fhttpd.git

Don't allow a negative value to sneak through


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@95987 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/src/main/http_protocol.c b/src/main/http_protocol.c
index 99a385e8b80..2a9e80813a3 100644
--- a/src/main/http_protocol.c
+++ b/src/main/http_protocol.c
@@ -2024,7 +2024,7 @@ API_EXPORT(int) ap_setup_client_block(request_rec *r, int read_policy)
             char *endstr;
             errno = 0;
             r->remaining = ap_strtol(lenp, &endstr, 10);
-            if (errno || (endstr && *endstr)) {
+            if (errno || (endstr && *endstr) || (r->remaining < 0)) {
                 conversion_error = 1;
             }
         }