allocate a heap buffer if the configured size is greater than the stack-allocated buffer

2024-05-22 16:22:56 +08:00 · 2024-05-22 16:22:56 +08:00 · c88453fff4
commit c88453fff4
parent bb02d25be8
2 changed files with 41 additions and 1 deletions
--- a/backport-only-allocate-a-heap-heap-buffer.patch
+++ b/backport-only-allocate-a-heap-heap-buffer.patch
@ -0,0 +1,33 @@
+From aa86530aec72e5de24227dbe2054cd713fb3d3f5 Mon Sep 17 00:00:00 2001
+From: Joe Orton <jorton@apache.org>
+Date: Wed, 8 May 2024 12:44:52 +0000
+Subject: [PATCH] * modules/proxy/mod_proxy_fcgi.c (dispatch): Only allocate a
+ heap   buffer if the configured size is greater than the stack-allocated  
+ buffer.
+
+Reference: https://github.com/apache/httpd/commit/aa86530aec72e5de24227dbe2054cd713fb3d3f5
+git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1917576 13f79535-47bb-0310-9956-ffa450edef68
+---
+ modules/proxy/mod_proxy_fcgi.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/modules/proxy/mod_proxy_fcgi.c b/modules/proxy/mod_proxy_fcgi.c
+index 831bd15..ee7d24f 100644
+--- a/modules/proxy/mod_proxy_fcgi.c
+++ b/modules/proxy/mod_proxy_fcgi.c
+@@ -569,7 +569,11 @@ static apr_status_t dispatch(proxy_conn_rec *conn, proxy_dir_conf *conf,
+     *err = NULL;
+     if (conn->worker->s->io_buffer_size_set) {
+         iobuf_size = conn->worker->s->io_buffer_size;
+-        iobuf = apr_palloc(r->pool, iobuf_size);
+        /* Allocate a buffer if the configured size is larger than the
+        * stack buffer, otherwise use the stack buffer. */
+        if (iobuf_size > AP_IOBUFSIZE) {
+            iobuf = apr_palloc(r->pool, iobuf_size);
+        }
+     }
+ 
+     pfd.desc_type = APR_POLL_SOCKET;
+-- 
+2.27.0
+
--- a/httpd.spec
+++ b/httpd.spec
@ -8,7 +8,7 @@
 Name:             httpd
 Summary:          Apache HTTP Server
 Version:          2.4.58
-Release:          2
+Release:          3
 License:          ASL 2.0
 URL:              https://httpd.apache.org/
 Source0:          https://archive.apache.org/dist/httpd/httpd-%{version}.tar.bz2
@ -76,6 +76,7 @@ Patch22:          backport-CVE-2024-24795-let-httpd-handle-CL-TE-for-non-http-ha
 Patch23:          backport-CVE-2023-38709-header-validation-after-content.patch
 Patch24:          backport-CVE-2024-27316-bail-after-too-many-failed-reads.patch
 Patch25:          backport-remove-dependency-on-xmlstring-header.patch
+Patch26:          backport-only-allocate-a-heap-heap-buffer.patch

 BuildRequires:    gcc autoconf pkgconfig findutils xmlto perl-interpreter perl-generators systemd-devel
 BuildRequires:    zlib-devel libselinux-devel lua-devel brotli-devel
@ -512,6 +513,12 @@ exit $rv
 %{_rpmconfigdir}/macros.d/macros.httpd

 %changelog
+* Wed May 22 2024 zhangyaqi <zhagnyaqi@kylinos.cn> - 2.4.58-3
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:allocate a heap buffer if the configured size is greater than the stack-allocated buffer.
+
 * Mon May 06 2024 chengyechun <chengyechun1@huaiwe.com> - 2.4.58-2
 - Type:CVE
 - ID:CVE-2024-24795,CVE-2023-38709,CVE-2024-27316