]> git.ipfire.org Git - thirdparty/apache/httpd.git/commit
projects / thirdparty / apache / httpd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ebf3ba3) | patch
CVE-2010-1452: Fix handling of missing path segments in the parsed URI structure.
authorPaul Querna <pquerna@apache.org>
Wed, 21 Jul 2010 18:25:49 +0000 (18:25 +0000)
committerPaul Querna <pquerna@apache.org>
Wed, 21 Jul 2010 18:25:49 +0000 (18:25 +0000)
commit98115eef19b4a3c1120106f1bc530b458de85860
tree2c894169ee24c458f86d86545f947f343a0c451ftree | snapshot
parentebf3ba3204ae05735e2f3924e772407a21f73642commit | diff
CVE-2010-1452: Fix handling of missing path segments in the parsed URI structure.

If a specially crafted request was sent, it is possible to crash mod_dav or
mod_cache, as they accessed a field that is set to NULL by the URI parser,
assuming that it always put in a valid string.

PR: 49246
Submitted by: Mark Drayton
Patch by: Jeff Trawick

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@966349 13f79535-47bb-0310-9956-ffa450edef68
CHANGES diff | blob | blame | history
include/httpd.h diff | blob | blame | history
modules/cache/cache_storage.c diff | blob | blame | history
modules/dav/main/util.c diff | blob | blame | history
Mirror of https://github.com/apache/httpd.git