]> git.ipfire.org Git - thirdparty/pdns.git/commit
projects / thirdparty / pdns.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 566ad63) | patch
YaHTTP: Prevent integer overflow on very large chunks 13078/head
authorRemi Gacogne <remi.gacogne@powerdns.com>
Wed, 8 Mar 2023 17:25:30 +0000 (18:25 +0100)
committerOtto Moerbeek <otto.moerbeek@open-xchange.com>
Wed, 26 Jul 2023 08:00:32 +0000 (10:00 +0200)
commitbef9ac1af62efa37a079cdc9ccf18ad84c5403de
treeb6193e3849a90fc739efb9f0b0e091fc0eaf4e26tree
parent566ad636d52331435705fb3a9c876966e53a4d9dcommit | diff
YaHTTP: Prevent integer overflow on very large chunks

If the chunk_size is very close to the maximum value of an integer,
we trigger an integer overflow when checking if we have a trailing
newline after the payload.
Reported by OSS-Fuzz as:
https://oss-fuzz.com/testcase-detail/6439610474692608
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56804

(cherry picked from commit b602982fc5b4fb9139dec591541e0c070ceb47f5)
ext/yahttp/yahttp/reqresp.cpp diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.