packages/httpd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'openEuler-24.03-LTS' of gitee.com:src-openeuler/httpd into cherry-pick-1715147373

Browse Source 
Signed-off-by: yueyuankun <yueyuankun@kylinos.cn>
This commit is contained in:
yueyuankun 2024-06-08 09:29:48 +00:00 committed by Gitee
commit b8fc3f4f80
2 changed files with 41 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
backport-only-allocate-a-heap-heap-buffer.patch Normal file
View File

@ -0,0 +1,33 @@
From aa86530aec72e5de24227dbe2054cd713fb3d3f5 Mon Sep 17 00:00:00 2001
From: Joe Orton <jorton@apache.org>
Date: Wed, 8 May 2024 12:44:52 +0000
Subject: [PATCH] * modules/proxy/mod_proxy_fcgi.c (dispatch): Only allocate a
heap buffer if the configured size is greater than the stack-allocated
buffer.
Reference: https://github.com/apache/httpd/commit/aa86530aec72e5de24227dbe2054cd713fb3d3f5
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1917576 13f79535-47bb-0310-9956-ffa450edef68
---
modules/proxy/mod_proxy_fcgi.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/modules/proxy/mod_proxy_fcgi.c b/modules/proxy/mod_proxy_fcgi.c
index 831bd15..ee7d24f 100644
--- a/modules/proxy/mod_proxy_fcgi.c
+++ b/modules/proxy/mod_proxy_fcgi.c
@@ -569,7 +569,11 @@ static apr_status_t dispatch(proxy_conn_rec *conn, proxy_dir_conf *conf,
*err = NULL;
if (conn->worker->s->io_buffer_size_set) {
iobuf_size = conn->worker->s->io_buffer_size;
- iobuf = apr_palloc(r->pool, iobuf_size);
+ /* Allocate a buffer if the configured size is larger than the
+ * stack buffer, otherwise use the stack buffer. */
+ if (iobuf_size > AP_IOBUFSIZE) {
+ iobuf = apr_palloc(r->pool, iobuf_size);
+ }
}
pfd.desc_type = APR_POLL_SOCKET;
--
2.27.0

9
httpd.spec
View File

@ -76,6 +76,7 @@ Patch22: backport-CVE-2024-24795-let-httpd-handle-CL-TE-for-non-http-ha
Patch23: backport-CVE-2023-38709-header-validation-after-content.patch
Patch24: backport-CVE-2024-27316-bail-after-too-many-failed-reads.patch
Patch25: backport-remove-dependency-on-xmlstring-header.patch
Patch26: backport-only-allocate-a-heap-heap-buffer.patch
BuildRequires: gcc autoconf pkgconfig findutils xmlto perl-interpreter perl-generators systemd-devel
BuildRequires: zlib-devel libselinux-devel lua-devel brotli-devel
@ -513,12 +514,18 @@ exit $rv
%{_rpmconfigdir}/macros.d/macros.httpd
%changelog
* Wed May 08 2024 yueyuankun <yueyuankun@kylinos.cn> - 2.4.58-3
* Wed Jun 08 2024 yueyuankun <yueyuankun@kylinos.cn> - 2.4.58-4
- Type:NA
- ID:NA
- SUG:NA
- DESC: replace openEuler with _vendor
* Wed May 22 2024 zhangyaqi <zhagnyaqi@kylinos.cn> - 2.4.58-3
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:allocate a heap buffer if the configured size is greater than the stack-allocated buffer.
* Mon May 06 2024 chengyechun <chengyechun1@huaiwe.com> - 2.4.58-2
- Type:CVE
- ID:CVE-2024-24795,CVE-2023-38709,CVE-2024-27316