Weblog

RSS

Bug in Hiawatha 7.4

25 February 2011, 13:01

A bug has been found in version 7.4 of the Hiawatha webserver, which could lead to a server crash. This is caused by an integer overflow in the routine that reads the HTTP request. A too big value of the Content-Length HTTP header leads to this overflow.

To fix the bug, replace 

if (content_length < 0) {
at line 421 in hiawatha.c with 
if ((content_length < 0) ||
    (INT_MAX - content_length - 2 <= header_length)) {
Tags: bug
by Hugo Leisink
thomasba
25 February 2011, 14:06
I had to add:
#include <limits.h>
C-S
25 February 2011, 14:33
Thanks for the patch. I just updated the FreeBSD port with it.
cwadge
27 February 2011, 03:05
The Debian port is updated as well.
celilo
2 March 2011, 09:36
Arch package updated in AUR.

All articles

All tags: Years:
Copyright © by Hugo Leisink. All rights reserved.
Built upon the Banshee PHP framework.