From 56509aaab0fa2f59f35c4f4821efd5014e805af1 Mon Sep 17 00:00:00 2001
From: orange-snn <songnannan2@huawei.com>
Date: Wed, 29 Dec 2021 09:22:43 +0800
Subject: [PATCH] fix CVE-2021-44790

---
 backport-CVE-2021-44790.patch | 29 +++++++++++++++++++++++++++++
 httpd.spec                    |  9 ++++++++-
 2 files changed, 37 insertions(+), 1 deletion(-)
 create mode 100644 backport-CVE-2021-44790.patch

diff --git a/backport-CVE-2021-44790.patch b/backport-CVE-2021-44790.patch
new file mode 100644
index 0000000..44cd994
--- /dev/null
+++ b/backport-CVE-2021-44790.patch
@@ -0,0 +1,29 @@
+From 07b9768cef6a224d256358c404c6ed5622d8acce Mon Sep 17 00:00:00 2001
+From: Stefan Eissing <icing@apache.org>
+Date: Thu, 16 Dec 2021 11:15:47 +0000
+Subject: [PATCH] Merge r1895970 from trunk:
+
+  *) mod_lua: Improve error handling
+
+
+
+git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1896039 13f79535-47bb-0310-9956-ffa450edef68
+---
+ modules/lua/lua_request.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/modules/lua/lua_request.c b/modules/lua/lua_request.c
+index 67ff432..493b2bb 100644
+--- a/modules/lua/lua_request.c
++++ b/modules/lua/lua_request.c
+@@ -410,6 +410,7 @@ static int req_parsebody(lua_State *L)
+             if (end == NULL) break;
+             key = (char *) apr_pcalloc(r->pool, 256);
+             filename = (char *) apr_pcalloc(r->pool, 256);
++            if (end - crlf <= 8) break;
+             vlen = end - crlf - 8;
+             buffer = (char *) apr_pcalloc(r->pool, vlen+1);
+             memcpy(buffer, crlf + 4, vlen);
+-- 
+1.8.3.1
+
diff --git a/httpd.spec b/httpd.spec
index 640df96..39545b3 100644
--- a/httpd.spec
+++ b/httpd.spec
@@ -8,7 +8,7 @@
 Name:             httpd
 Summary:          Apache HTTP Server
 Version:          2.4.48
-Release:          4
+Release:          5
 License:          ASL 2.0
 URL:              https://httpd.apache.org/
 Source0:          https://archive.apache.org/dist/httpd/httpd-%{version}.tar.bz2
@@ -79,6 +79,7 @@ Patch26:          backport-001-CVE-2021-39275.patch
 Patch27:          backport-002-CVE-2021-39275.patch
 Patch28:          backport-fix-int-overflow-in-ap_timeout_parameter_parse.patch
 Patch29:          backport-Improve-fix-to-please-a-fuzzer-which-reports-overflow.patch
+Patch30:	  backport-CVE-2021-44790.patch
 
 BuildRequires:    gcc autoconf pkgconfig findutils xmlto perl-interpreter perl-generators systemd-devel
 BuildRequires:    zlib-devel libselinux-devel lua-devel brotli-devel
@@ -511,6 +512,12 @@ exit $rv
 %{_rpmconfigdir}/macros.d/macros.httpd
 
 %changelog
+* Wed Dec 29 2021 orange-snn <songnannan2@huawei.com> - 2.4.48-5
+- Type:cves
+- ID:NA
+- SUG:restart
+- DESC:fix CVE-2021-44224
+
 * Fri Nov 05 2021 gaihuiying <gaihuiying1@huawei.com> - 2.4.48-4
 - Type:bugfix
 - ID:NA