packages/libsoup
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
libsoup/backport-CVE-2025-32907.patch
zppzhangpan 5eaf0ca38c fix CVE-2025-32907 CVE-2025-32914
2025-04-23 15:57:40 +08:00

33 lines
1.0 KiB
Diff
Raw Permalink Blame History

From 446b2e0a97ac1c241e9c58545f1b0f5f962d98e2 Mon Sep 17 00:00:00 2001
From: Milan Crha <mcrha@redhat.com>
Date: Tue, 15 Apr 2025 12:17:39 +0200
Subject: [PATCH] soup-message-headers: Correct merge of ranges
It had been skipping every second range, which generated an array
of a lot of insane ranges, causing large memory usage by the server.
Closes #428
Conflict: The new test case community is still in discussion and it is recommended not to merge
Reference: https://gitlab.gnome.org/GNOME/libsoup/-/commit/446b2e0a97ac1c241e9c58545f1b0f5f962d98e2
---
libsoup/soup-message-headers.c | 1 +
1 files changed, 1 insertions(+)
diff --git a/libsoup/soup-message-headers.c b/libsoup/soup-message-headers.c
index ee7a3cb1..f101d4b4 100644
--- a/libsoup/soup-message-headers.c
+++ b/libsoup/soup-message-headers.c
@@ -1244,6 +1244,7 @@ soup_message_headers_get_ranges_internal (SoupMessageHeaders *hdrs,
if (cur->start <= prev->end) {
prev->end = MAX (prev->end, cur->end);
g_array_remove_index (array, i);
+ i--;
}
}
}
--
GitLab
Reference in New Issue View Git Blame Copy Permalink