added some extra protection to make sure key-len and val-len don't
overrun git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@1984 152afb58-edef-0310-8abb-c4023f1b3aa9svn/tags/lighttpd-1.4.18
parent
34b3ee0228
commit
eaed2f1e50
|
@ -1578,6 +1578,14 @@ static int fcgi_env_add(buffer *env, const char *key, size_t key_len, const char
|
|||
return -1;
|
||||
}
|
||||
|
||||
/**
|
||||
* field length can be 31bit max
|
||||
*
|
||||
* HINT: this can't happen as FCGI_MAX_LENGTH is only 16bit
|
||||
*/
|
||||
if (key_len > 0x7fffffff) key_len = 0x7fffffff;
|
||||
if (val_len > 0x7fffffff) val_len = 0x7fffffff;
|
||||
|
||||
buffer_prepare_append(env, len);
|
||||
|
||||
if (key_len > 127) {
|
||||
|
|
Loading…
Reference in New Issue