#1958 httpAdapter can crash on bad content length

Security
closed-fixed
sfcb (1090)
7
2010-07-14
2010-05-14
No

httpAdapter contains a heap overflow that is caused by an HTTP request with the Content-Length value being smaller than the actual size of the payload. The affect of this bug can cause the handling HTTP process to crash. If the request is specially crafted, arbitrary code execution could occur.

Discussion

  • Chris Buccella

    Chris Buccella - 2010-05-14
    • status: open --> pending-fixed
     
  • Chris Buccella

    Chris Buccella - 2010-05-14

    committed to CVS HEAD and git master

     
  • SourceForge Robot

    • status: pending-fixed --> closed-fixed
     
  • SourceForge Robot

    This Tracker item was closed automatically by the system. It was
    previously set to a Pending status, and the original submitter
    did not respond within 60 days (the time period specified by
    the administrator of this Tracker).

     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

JavaScript is required for this form.





No, thanks