clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-24 03:17:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added checks for malformated FastCGI requests (Mattias Bengtsson)

Browse Source
This commit is contained in:
Dmitry Stogov 2007-09-07 08:30:10 +00:00
parent b9071080f8
commit 0507b17657
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
sapi/cgi/fastcgi.c
View File

@ -620,7 +620,8 @@ static int fcgi_get_params(fcgi_request *req, unsigned char *p, unsigned char *e
val_len |= (*p++ << 8);
val_len |= *p++;
}
if (p + name_len + val_len > end) {
if (name_len + val_len < 0 ||
name_len + val_len > end - p) {
/* Malformated request */
ret = 0;
break;
@ -676,6 +677,10 @@ static int fcgi_read_request(fcgi_request *req)
padding = hdr.paddingLength;
}
if (len + padding > FCGI_MAX_LENGTH) {
return 0;
}
req->id = (hdr.requestIdB1 << 8) + hdr.requestIdB0;
if (hdr.type == FCGI_BEGIN_REQUEST && len == sizeof(fcgi_begin_request)) {