lighttd: Upgrade to 1.4.59-1+deb11u2
Fix the CVE-2022-22707 issue. Refer to: https://security-tracker.debian.org/tracker/CVE-2022-22707 Also rebase the local patches onto the new version. TestPlan: PASS: build-pkgs -a PASS: build-image PASS: Jenkins Installation. PASS: Check the package version with 'dpkg -l' Closes-Bug: 2021548 Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> Change-Id: Id4b245ed4ba7c00d854ce758a3d241ad74fd1a0f
parent
d03fd2ebaa
commit
e61f579d8b
@ -1,38 +1,32 @@
|
||||
From 91f1bd05e5acc70789d17de47de7813bb615027c Mon Sep 17 00:00:00 2001
|
||||
From: Yue Tao <Yue.Tao@windriver.com>
|
||||
Date: Tue, 9 Mar 2021 18:26:53 -0800
|
||||
From 95f82fc840c43c964a6c2dcdeaf33b87b44665f3 Mon Sep 17 00:00:00 2001
|
||||
From: Zhixiong Chi <zhixiong.chi@windriver.com>
|
||||
Date: Mon, 12 Jun 2023 12:46:45 +0800
|
||||
Subject: [PATCH] lighttpd: backport spec-include-TiS-changes.patch from
|
||||
StarlingX f/centos8 branch
|
||||
|
||||
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
|
||||
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
|
||||
---
|
||||
debian/control | 99 ++++++++++++++++++++++++--------------------------
|
||||
debian/rules | 12 +++---
|
||||
2 files changed, 55 insertions(+), 56 deletions(-)
|
||||
debian/control | 178 ++++++++++++++++++++++++-------------------------
|
||||
debian/rules | 11 +--
|
||||
2 files changed, 95 insertions(+), 94 deletions(-)
|
||||
|
||||
diff --git a/debian/control b/debian/control
|
||||
index 7807525..682477b 100644
|
||||
index 628bfc7..cae8626 100644
|
||||
--- a/debian/control
|
||||
+++ b/debian/control
|
||||
@@ -62,15 +62,12 @@ Suggests:
|
||||
lighttpd-mod-authn-gssapi,
|
||||
lighttpd-mod-authn-pam,
|
||||
lighttpd-mod-authn-sasl,
|
||||
- lighttpd-mod-cml,
|
||||
lighttpd-mod-geoip,
|
||||
- lighttpd-mod-magnet,
|
||||
lighttpd-mod-maxminddb,
|
||||
lighttpd-mod-trigger-b4-dl,
|
||||
lighttpd-mod-vhostdb-dbi,
|
||||
@@ -74,8 +74,6 @@ Suggests:
|
||||
lighttpd-mod-vhostdb-pgsql,
|
||||
lighttpd-mod-webdav,
|
||||
lighttpd-modules-dbi,
|
||||
- lighttpd-modules-ldap,
|
||||
- lighttpd-modules-lua,
|
||||
lighttpd-modules-mysql,
|
||||
Description: fast webserver with minimal memory footprint
|
||||
lighttpd is a small webserver and fast webserver developed with
|
||||
@@ -99,29 +96,29 @@ Description: documentation for lighttpd
|
||||
.
|
||||
This package contains documentation for lighttpd.
|
||||
@@ -130,61 +128,61 @@ Description: DBI-based modules for lighttpd
|
||||
Do not depend on this package. Depend on the provided lighttpd-mod-*
|
||||
packages instead.
|
||||
|
||||
-Package: lighttpd-modules-ldap
|
||||
-Architecture: any
|
||||
@ -57,6 +51,38 @@ index 7807525..682477b 100644
|
||||
- .
|
||||
- Do not depend on this package. Depend on the provided lighttpd-mod-*
|
||||
- packages instead.
|
||||
-
|
||||
-Package: lighttpd-modules-lua
|
||||
-Architecture: any
|
||||
-Depends:
|
||||
- ${misc:Depends},
|
||||
- ${shlibs:Depends},
|
||||
- lighttpd (= ${binary:Version}),
|
||||
-Breaks:
|
||||
- lighttpd-mod-cml (<< 1.4.56~rc7-0+exp2),
|
||||
- lighttpd-mod-magnet (<< 1.4.56~rc7-0+exp2),
|
||||
-Replaces:
|
||||
- lighttpd (<< 1.4.56~rc7-0+exp2),
|
||||
- lighttpd-mod-cml (<< 1.4.56~rc7-0+exp2),
|
||||
- lighttpd-mod-magnet (<< 1.4.56~rc7-0+exp2),
|
||||
-Provides:
|
||||
- ${lighttpd:ModuleProvides},
|
||||
-Description: LUA-based modules for lighttpd
|
||||
- This package contains the following modules:
|
||||
- * mod_magnet: control the request handling module for lighttpd
|
||||
- mod_magnet can attract a request in several stages in the request-handling.
|
||||
- either at the same level as mod_rewrite, before any parsing of the URL is
|
||||
- done or at a later stage, when the doc-root is known and the physical-path
|
||||
- is already setup.
|
||||
- * mod_cml: cache meta language module for lighttpd
|
||||
- With the cache meta language, it is possible to describe to the
|
||||
- dependencies of a cached file to its source files/scripts. For the
|
||||
- cache files, the scripting language Lua is used.
|
||||
- THIS MODULE IS OBSOLETED, USE mod_magnet INSTEAD.
|
||||
- .
|
||||
- Do not depend on this package. Depend on the provided lighttpd-mod-*
|
||||
- packages instead.
|
||||
-
|
||||
+#Package: lighttpd-modules-ldap
|
||||
+#Architecture: any
|
||||
+#Depends:
|
||||
@ -80,69 +106,116 @@ index 7807525..682477b 100644
|
||||
+# .
|
||||
+# Do not depend on this package. Depend on the provided lighttpd-mod-*
|
||||
+# packages instead.
|
||||
|
||||
+#
|
||||
+#Package: lighttpd-modules-lua
|
||||
+#Architecture: any
|
||||
+#Depends:
|
||||
+# ${misc:Depends},
|
||||
+# ${shlibs:Depends},
|
||||
+# lighttpd (= ${binary:Version}),
|
||||
+#Breaks:
|
||||
+# lighttpd-mod-cml (<< 1.4.56~rc7-0+exp2),
|
||||
+# lighttpd-mod-magnet (<< 1.4.56~rc7-0+exp2),
|
||||
+#Replaces:
|
||||
+# lighttpd (<< 1.4.56~rc7-0+exp2),
|
||||
+# lighttpd-mod-cml (<< 1.4.56~rc7-0+exp2),
|
||||
+# lighttpd-mod-magnet (<< 1.4.56~rc7-0+exp2),
|
||||
+#Provides:
|
||||
+# ${lighttpd:ModuleProvides},
|
||||
+#Description: LUA-based modules for lighttpd
|
||||
+# This package contains the following modules:
|
||||
+# * mod_magnet: control the request handling module for lighttpd
|
||||
+# mod_magnet can attract a request in several stages in the request-handling.
|
||||
+# either at the same level as mod_rewrite, before any parsing of the URL is
|
||||
+# done or at a later stage, when the doc-root is known and the physical-path
|
||||
+# is already setup.
|
||||
+# * mod_cml: cache meta language module for lighttpd
|
||||
+# With the cache meta language, it is possible to describe to the
|
||||
+# dependencies of a cached file to its source files/scripts. For the
|
||||
+# cache files, the scripting language Lua is used.
|
||||
+# THIS MODULE IS OBSOLETED, USE mod_magnet INSTEAD.
|
||||
+# .
|
||||
+# Do not depend on this package. Depend on the provided lighttpd-mod-*
|
||||
+# packages instead.
|
||||
+#
|
||||
Package: lighttpd-modules-mysql
|
||||
Architecture: any
|
||||
@@ -165,32 +162,32 @@ Description: anti-deep-linking module for lighttpd
|
||||
Depends:
|
||||
@@ -231,39 +229,39 @@ Description: anti-deep-linking module for lighttpd
|
||||
from other sites by requiring users to visit a trigger URL to
|
||||
be able to download certain files.
|
||||
|
||||
-Package: lighttpd-mod-cml
|
||||
-Section: oldlibs
|
||||
-Architecture: any
|
||||
-Depends:
|
||||
- ${misc:Depends},
|
||||
- ${shlibs:Depends},
|
||||
- lighttpd (= ${binary:Version}),
|
||||
-Recommends:
|
||||
- memcached,
|
||||
-Description: cache meta language module for lighttpd
|
||||
- lighttpd-modules-lua (= ${binary:Version}),
|
||||
-Description: Transitional dummy package for: cache meta language module for lighttpd
|
||||
- With the cache meta language, it is possible to describe to the
|
||||
- dependencies of a cached file to its source files/scripts. For the
|
||||
- cache files, the scripting language Lua is used.
|
||||
- .
|
||||
- THIS MODULE IS OBSOLETED, USE mod_magnet INSTEAD.
|
||||
- .
|
||||
- While this transitional dummy package will go away, the package name
|
||||
- continues to exist as a virtual package provided by lighttpd-modules-lua.
|
||||
-
|
||||
-Package: lighttpd-mod-magnet
|
||||
-Section: oldlibs
|
||||
-Architecture: any
|
||||
-Depends:
|
||||
- ${misc:Depends},
|
||||
- ${shlibs:Depends},
|
||||
- lighttpd-modules-lua (= ${binary:Version}),
|
||||
-Description: Transitional dummy package for: control the request handling module for lighttpd
|
||||
- mod_magnet can attract a request in several stages in the request-handling.
|
||||
- either at the same level as mod_rewrite, before any parsing of the URL is done
|
||||
- or at a later stage, when the doc-root is known and the physical-path is
|
||||
- already setup
|
||||
- .
|
||||
- While this transitional dummy package will go away, the package name
|
||||
- continues to exist as a virtual package provided by lighttpd-modules-lua.
|
||||
-
|
||||
+#Package: lighttpd-mod-cml
|
||||
+#Section: oldlibs
|
||||
+#Architecture: any
|
||||
+#Depends:
|
||||
+# ${misc:Depends},
|
||||
+# ${shlibs:Depends},
|
||||
+# lighttpd (= ${binary:Version}),
|
||||
+#Recommends:
|
||||
+# memcached,
|
||||
+#Description: cache meta language module for lighttpd
|
||||
+# lighttpd-modules-lua (= ${binary:Version}),
|
||||
+#Description: Transitional dummy package for: cache meta language module for lighttpd
|
||||
+# With the cache meta language, it is possible to describe to the
|
||||
+# dependencies of a cached file to its source files/scripts. For the
|
||||
+# cache files, the scripting language Lua is used.
|
||||
+# .
|
||||
+# THIS MODULE IS OBSOLETED, USE mod_magnet INSTEAD.
|
||||
|
||||
-Package: lighttpd-mod-magnet
|
||||
-Architecture: any
|
||||
-Depends:
|
||||
- ${misc:Depends},
|
||||
- ${shlibs:Depends},
|
||||
- lighttpd (= ${binary:Version}),
|
||||
-Description: control the request handling module for lighttpd
|
||||
- mod_magnet can attract a request in several stages in the request-handling.
|
||||
- either at the same level as mod_rewrite, before any parsing of the URL is done
|
||||
- or at a later stage, when the doc-root is known and the physical-path is
|
||||
- already setup
|
||||
+# .
|
||||
+# While this transitional dummy package will go away, the package name
|
||||
+# continues to exist as a virtual package provided by lighttpd-modules-lua.
|
||||
+#
|
||||
+#Package: lighttpd-mod-magnet
|
||||
+#Section: oldlibs
|
||||
+#Architecture: any
|
||||
+#Depends:
|
||||
+# ${misc:Depends},
|
||||
+# ${shlibs:Depends},
|
||||
+# lighttpd (= ${binary:Version}),
|
||||
+#Description: control the request handling module for lighttpd
|
||||
+# lighttpd-modules-lua (= ${binary:Version}),
|
||||
+#Description: Transitional dummy package for: control the request handling module for lighttpd
|
||||
+# mod_magnet can attract a request in several stages in the request-handling.
|
||||
+# either at the same level as mod_rewrite, before any parsing of the URL is done
|
||||
+# or at a later stage, when the doc-root is known and the physical-path is
|
||||
+# already setup
|
||||
|
||||
+# .
|
||||
+# While this transitional dummy package will go away, the package name
|
||||
+# continues to exist as a virtual package provided by lighttpd-modules-lua.
|
||||
+#
|
||||
Package: lighttpd-mod-webdav
|
||||
Architecture: any
|
||||
Depends:
|
||||
diff --git a/debian/rules b/debian/rules
|
||||
index 7c0440b..e456781 100755
|
||||
index 5317ce6..7535999 100755
|
||||
--- a/debian/rules
|
||||
+++ b/debian/rules
|
||||
@@ -16,6 +16,7 @@ override_dh_clean:
|
||||
@ -154,21 +227,21 @@ index 7c0440b..e456781 100755
|
||||
--libexecdir="/usr/lib/lighttpd" \
|
||||
--with-attr \
|
||||
@@ -23,10 +24,12 @@ override_dh_auto_configure:
|
||||
--with-fam \
|
||||
--with-dbi \
|
||||
--with-gdbm \
|
||||
--with-krb5 \
|
||||
- --with-ldap \
|
||||
+ --without-ldap \
|
||||
--with-geoip \
|
||||
--with-memcached \
|
||||
- --with-lua=lua5.1 \
|
||||
- --with-lua=lua5.3 \
|
||||
+ --without-lua \
|
||||
+ --without-bzip2 \
|
||||
+ --without-memcache \
|
||||
--with-maxminddb \
|
||||
--with-mbedtls \
|
||||
--with-mysql \
|
||||
--with-openssl \
|
||||
@@ -34,8 +37,8 @@ override_dh_auto_configure:
|
||||
@@ -37,8 +40,8 @@ override_dh_auto_configure:
|
||||
--with-pcre \
|
||||
--with-pgsql \
|
||||
--with-sasl \
|
||||
@ -176,17 +249,9 @@ index 7c0440b..e456781 100755
|
||||
- --with-webdav-props \
|
||||
+ --without-webdav-locks \
|
||||
+ --without-webdav-props \
|
||||
--with-wolfssl \
|
||||
--with-xxhash \
|
||||
$(if $(filter pkg.lighttpd.libunwind,$(DEB_BUILD_PROFILES)),--with-libunwind) \
|
||||
CFLAGS_FOR_BUILD="$(shell dpkg-buildflags --get CFLAGS)" \
|
||||
LDFLAGS_FOR_BUILD="$(shell dpkg-buildflags --get LDFLAGS)" \
|
||||
@@ -49,7 +52,6 @@ override_dh_missing:
|
||||
dh_missing --fail-missing
|
||||
|
||||
DOCLESS_PACKAGES=\
|
||||
- lighttpd-modules-ldap \
|
||||
lighttpd-modules-mysql \
|
||||
lighttpd-mod-authn-pam \
|
||||
lighttpd-mod-authn-sasl \
|
||||
--
|
||||
2.31.1
|
||||
2.34.1
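Review bot: `--without-memcache \` in the override_dh_auto_configure flags does not match the spelling of the `--with-memcached \` line that stays a few lines above it, so it is probably not an option this configure script recognises. Autoconf by default only warns about unrecognised `--with-*`/`--without-*` options, so the build would still succeed and memcached support would still be requested. If the intent is to build without it, replace `--with-memcached \` with `--without-memcached \` and drop `--without-memcache \`; otherwise drop the no-op flag so debian/rules states what is actually built. The configure recipe continues outside the hunk.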
|
||||
|
||||
|
@ -1,11 +1,10 @@
|
||||
---
|
||||
debver: 1.4.55-1~bpo10+1
|
||||
debver: 1.4.59-1+deb11u2
|
||||
debname: lighttpd
|
||||
dl_path:
|
||||
name: lighttpd-debian-1.4.55-1_bpo10+1.tar.gz
|
||||
url: https://salsa.debian.org/debian/lighttpd/-/archive/debian/1.4.55-1_bpo10+1/lighttpd-debian-1.4.55-1_bpo10+1.tar.gz
|
||||
md5sum: 453d7710982ee44fb5ce41673c6bd0df
|
||||
sha256sum: 34326941ba0f7c6ff6f2c72890e2a568d0924c11c2c3f3d4174c82a484be81d3
|
||||
name: lighttpd-debian-1.4.59-1+deb11u2.tar.gz
|
||||
url: https://salsa.debian.org/debian/lighttpd/-/archive/debian/1.4.59-1+deb11u2/lighttpd-debian-1.4.59-1+deb11u2.tar.gz
|
||||
sha256sum: d5d7deda6da461030b4b25111f4f6c535128d2b865c6b2b4b009e83334a275ea
|
||||
revision:
|
||||
dist: $STX_DIST
|
||||
PKG_GITREVCOUNT:
|
||||
|
@ -1,53 +0,0 @@
|
||||
From 95ae6094a9eb0cdbfb3f678f4c8e3a2db11aacd2 Mon Sep 17 00:00:00 2001
|
||||
From: Glenn Strauss <gstrauss@gluelogic.com>
|
||||
Date: Tue, 22 Nov 2022 18:58:24 -0800
|
||||
Subject: [PATCH] CVE-2022-37797
|
||||
|
||||
[mod_wstunnel] fix crash with bad hybivers (fixes #3165)
|
||||
|
||||
(thx Michał Dardas)
|
||||
|
||||
x-ref:
|
||||
"mod_wstunnel null pointer dereference"
|
||||
https://redmine.lighttpd.net/issues/3165
|
||||
|
||||
In order to trigger the reproducer on lighttpd 1.4.53, parsing of the
|
||||
Sec-Websocket-Version needs to be fixed as has been done in later versions.
|
||||
Due to internal refactoring, the actual NULL pointer dereference has moved
|
||||
elsewhere, but still crashes. -- Helmut Grohne
|
||||
|
||||
The upstream patch is not a git header format which I have created here.
|
||||
[Backport from https://salsa.debian.org/debian/lighttpd/-/blob/buster-security/debian/patches/CVE-2022-37797.patch]
|
||||
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
|
||||
---
|
||||
src/mod_wstunnel.c | 7 +++++--
|
||||
1 file changed, 5 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/mod_wstunnel.c b/src/mod_wstunnel.c
|
||||
index ed5174a..99e3739 100644
|
||||
--- a/src/mod_wstunnel.c
|
||||
+++ b/src/mod_wstunnel.c
|
||||
@@ -466,7 +466,7 @@ static int wstunnel_is_allowed_origin(connection *con, handler_ctx *hctx) {
|
||||
static int wstunnel_check_request(connection *con, handler_ctx *hctx) {
|
||||
const buffer * const vers =
|
||||
http_header_request_get(con, HTTP_HEADER_OTHER, CONST_STR_LEN("Sec-WebSocket-Version"));
|
||||
- const long hybivers = (NULL != vers) ? strtol(vers->ptr, NULL, 10) : 0;
|
||||
+ const long hybivers = (NULL != vers) ? (light_isdigit(*vers->ptr) ? strtol(vers->ptr, NULL, 10) : -1) : 0;
|
||||
if (hybivers < 0 || hybivers > INT_MAX) {
|
||||
DEBUG_LOG(MOD_WEBSOCKET_LOG_ERR, "s", "invalid Sec-WebSocket-Version");
|
||||
con->http_status = 400; /* Bad Request */
|
||||
@@ -506,7 +506,10 @@ static handler_t wstunnel_handler_setup (server *srv, connection *con, plugin_da
|
||||
hctx->srv = srv; /*(for mod_wstunnel module-specific DEBUG_LOG() macro)*/
|
||||
hctx->conf = p->conf; /*(copies struct)*/
|
||||
hybivers = wstunnel_check_request(con, hctx);
|
||||
- if (hybivers < 0) return HANDLER_FINISHED;
|
||||
+ if (hybivers < 0) {
|
||||
+ con->mode = DIRECT;
|
||||
+ return HANDLER_FINISHED;
|
||||
+ }
|
||||
hctx->hybivers = hybivers;
|
||||
if (0 == hybivers) {
|
||||
DEBUG_LOG(MOD_WEBSOCKET_LOG_INFO,"s","WebSocket Version = hybi-00");
|
||||
--
|
||||
2.34.1
|
||||
|
@ -1,37 +1,49 @@
|
||||
From 65107586a55c594c44b0a97a2d6756f6a0f0a5ca Mon Sep 17 00:00:00 2001
|
||||
From: Giao Le <giao.le@windriver.com>
|
||||
Date: Mon, 27 Aug 2018 19:41:36 +0800
|
||||
Subject: [PATCH] check-length
|
||||
From 98b8cbc80e14e6b47b13bcddfedc0bdc8d2abf19 Mon Sep 17 00:00:00 2001
|
||||
From: Zhixiong Chi <zhixiong.chi@windriver.com>
|
||||
Date: Mon, 12 Jun 2023 02:23:58 -0700
|
||||
Subject: [PATCH] check content-length
|
||||
|
||||
Rebase this local patch for StarlingX.
|
||||
|
||||
Signed-off-by: zhipengl <zhipengs.liu@intel.com>
|
||||
Signed-off-by: Giao Le <giao.le@windriver.com>
|
||||
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
|
||||
---
|
||||
src/request.c | 45 +++++++++++++++++++++++++++++++++++++++++++++
|
||||
1 file changed, 45 insertions(+)
|
||||
src/request.c | 49 +++++++++++++++++++++++++++++++++++++++++++++++++
|
||||
1 file changed, 49 insertions(+)
|
||||
|
||||
diff --git a/src/request.c b/src/request.c
|
||||
index d25e1e7..fe541a5 100644
|
||||
index 62f2f0cb..e9668d42 100644
|
||||
--- a/src/request.c
|
||||
+++ b/src/request.c
|
||||
@@ -8,10 +8,39 @@
|
||||
@@ -8,16 +8,48 @@
|
||||
#include "first.h"
|
||||
|
||||
#include "request.h"
|
||||
+#include "base.h"
|
||||
#include "burl.h"
|
||||
#include "http_header.h"
|
||||
#include "http_kv.h"
|
||||
#include "log.h"
|
||||
#include "sock_addr.h"
|
||||
|
||||
+#include <errno.h>
|
||||
#include <limits.h>
|
||||
#include <stdint.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
+#include <sys/statvfs.h>
|
||||
|
||||
+static size_t get_tempdirs_free_space(server *srv)
|
||||
+
|
||||
+static size_t get_tempdirs_free_space(request_st * const restrict r)
|
||||
+{
|
||||
+ int i;
|
||||
+ int valid = 0;
|
||||
+ size_t total = 0;
|
||||
+ array *dirs = srv->srvconf.upload_tempdirs;
|
||||
+ array *dirs = r->con->srv->srvconf.upload_tempdirs;
|
||||
+
|
||||
+ for (i = 0; i < (int)dirs->used; ++i) {
|
||||
+ struct statvfs stat;
|
||||
+ const char *name = ((data_string *)dirs->data[i])->value->ptr;
|
||||
+ const char *name = ((data_string *)dirs->data[i])->value.ptr;
|
||||
+ int ret = statvfs(name, &stat);
|
||||
+
|
||||
+ if (ret >= 0) {
|
||||
@ -40,41 +52,47 @@ index d25e1e7..fe541a5 100644
|
||||
+ valid = 1;
|
||||
+ }
|
||||
+ else {
|
||||
+ log_error_write(srv, __FILE__, __LINE__, "ssss",
|
||||
+ "dir:", name,
|
||||
+ "error:", strerror(errno));
|
||||
+ if (r->conf.log_request_header_on_error) {
|
||||
+ log_error(r->conf.errh, __FILE__, __LINE__,
|
||||
+ "statvfs error, dir: %s, eno: %s\n",
|
||||
+ name, strerror(errno));
|
||||
+ }
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ return (valid) ? total : SSIZE_MAX;
|
||||
+}
|
||||
+
|
||||
static int request_check_hostname(buffer *host) {
|
||||
|
||||
static int request_check_hostname(buffer * const host) {
|
||||
enum { DOMAINLABEL, TOPLABEL } stage = TOPLABEL;
|
||||
size_t i;
|
||||
@@ -928,6 +957,22 @@ int http_request_parse(server *srv, conn
|
||||
if (!state.con_length_set) {
|
||||
return http_request_header_line_invalid(srv, 411, "POST-request, but content-length missing -> 411");
|
||||
@@ -1260,10 +1292,27 @@ http_request_parse (request_st * const restrict r, const int scheme_port)
|
||||
http_header_request_unset(r, HTTP_HEADER_CONTENT_LENGTH, CONST_STR_LEN("Content-Length"));
|
||||
}
|
||||
}
|
||||
+ /* content-length is larger than 64k */
|
||||
+ if (con->request.content_length > 64*1024) {
|
||||
+ size_t disk_free = get_tempdirs_free_space(srv);
|
||||
+ if (con->request.content_length > disk_free) {
|
||||
+ con->http_status = 413;
|
||||
+ con->keep_alive = 0;
|
||||
+
|
||||
+ log_error_write(srv, __FILE__, __LINE__, "ssosos",
|
||||
+ "not enough free space in tempdirs:",
|
||||
+ "length =", (off_t) con->request.content_length,
|
||||
+ "free =", (off_t) disk_free,
|
||||
+ "-> 413");
|
||||
if (http_method_get_or_head(r->http_method)
|
||||
&& !(http_parseopts & HTTP_PARSEOPT_METHOD_GET_BODY)) {
|
||||
return http_request_header_line_invalid(r, 400, "GET/HEAD with content-length -> 400");
|
||||
}
|
||||
+
|
||||
+ /* content-length is larger than 64k */
|
||||
+ if (r->reqbody_length > 64*1024 && HTTP_METHOD_POST == r->http_method) {
|
||||
+ size_t disk_free = get_tempdirs_free_space(r);
|
||||
+ if (r->reqbody_length > disk_free) {
|
||||
+ r->http_status = 413;
|
||||
+ r->keep_alive = 0;
|
||||
+ if (r->conf.log_request_header_on_error) {
|
||||
+ log_error(r->conf.errh, __FILE__, __LINE__,
|
||||
+ "not enough free space in tempdirs:\n length =%d\n free=%d\ncontent-length -> 413",
|
||||
+ r->reqbody_length,
|
||||
+ disk_free);
|
||||
+ }
|
||||
+ return 0;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
--
|
||||
2.21.0
|
||||
}
|
||||
|
||||
return 0;
|
||||
--
|
||||
2.39.0
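Review bot: The rebased 413 branch in http_request_parse sets `r->http_status = 413` and then does `return 0;`, while the neighbouring error path in the same hunk hands its status back with `return http_request_header_line_invalid(r, 400, ...)`; if the caller takes the return value as the request status, as that pattern suggests, the 413 is discarded and the oversized POST is processed anyway. Returning it the same way, `return http_request_header_line_invalid(r, 413, "not enough free space in tempdirs -> 413");`, keeps the rejection and is consistent with the other paths. Separately, the `log_error` call prints `r->reqbody_length` and the `size_t disk_free` with `%d`, which is a mismatched conversion at least for `disk_free`; cast and match the specifiers, e.g. `(long long)r->reqbody_length` with `%lld` and `disk_free` with `%zu`. get_tempdirs_free_space also reads `dirs->used` without a NULL check, so it is worth confirming that `upload_tempdirs` is never NULL when unconfigured in this version. http_request_parse starts and ends outside the hunk.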
|
||||
|
||||
|
@ -1,2 +1 @@
|
||||
check-content-length.patch
|
||||
CVE-2022-37797.patch
|
||||
|