diff options
Diffstat (limited to 'net-proxy/polipo/files/polipo-1.1.1-cve-2020-36420.patch')
-rw-r--r-- | net-proxy/polipo/files/polipo-1.1.1-cve-2020-36420.patch | 26 |
1 files changed, 0 insertions, 26 deletions
diff --git a/net-proxy/polipo/files/polipo-1.1.1-cve-2020-36420.patch b/net-proxy/polipo/files/polipo-1.1.1-cve-2020-36420.patch deleted file mode 100644 index 20fca8cf30a5..000000000000 --- a/net-proxy/polipo/files/polipo-1.1.1-cve-2020-36420.patch +++ /dev/null @@ -1,26 +0,0 @@ -Reject packet with malformed range field instead of raising assert. -This fixes CVE-2020-36420 and makes polipo conformant to RFC7233. ---- a/server.c 2014-05-15 02:19:43.000000000 +0400 -+++ b/server.c 2021-08-11 13:42:55.156568391 +0300 -@@ -1468,7 +1468,6 @@ - int port; - int x, y, z; - -- assert(from >= 0 && (to < 0 || to > from)); - assert(closure == NULL); - assert(!(object->flags & OBJECT_LOCAL)); - assert(object->type == OBJECT_HTTP); -@@ -1499,6 +1498,13 @@ - notifyObject(object); - return 1; - } -+ -+ if(!(from >= 0 && (to < 0 || to > from))) { -+ do_log(L_ERROR, "Invalid Range field in the header: from=%d, to=%d.\n", from, to); -+ abortObject(object, 400, internAtom("Invalid range header field")); -+ notifyObject(object); -+ return 1; -+ } - - memcpy(name, ((char*)object->key) + x, y - x); - name[y - x] = '\0'; |