Andrew Bishop WWWOFFLE Negative Content-Length Buffer Overflow Vulnerability

Solution:
The following patch was also submitted by qitest1 <qitest1@bespin.org>:
==8< wwwoffle-2.7b.patch
- --- wwwoffle-2.7b-old/src/parse.c Sat Mar 23 15:28:36 2002
+++ wwwoffle-2.7b/src/parse.c Fri Jul 12 16:52:46 2002
@@ -180,7 +180,7 @@
if(!strcmp("POST",(*request_head)->method) ||
!strcmp("PUT",(*request_head)->method))
{
- - if(length==-1)
+ if(length < 0)
{free(url);return(NULL);}

*request_body=CreateBody(length);
==8<

Fixes are available:


Andrew Bishop WWWOFFLE 2.6 b

Andrew Bishop WWWOFFLE 2.6

Andrew Bishop WWWOFFLE 2.6 d

Andrew Bishop WWWOFFLE 2.7 b

Andrew Bishop WWWOFFLE 2.7

Andrew Bishop WWWOFFLE 2.7 a


 

Privacy Statement
Copyright 2010, SecurityFocus