packages/mod_http2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
mod_http2/backport-CVE-2024-36387.patch
zhangxianting 7e4a28e299 fix CVE-2024-36387 
(cherry picked from commit f5e8bbabd3f8affb7838d39b606678c8b62071fc)
2024-07-10 09:53:24 +08:00

36 lines
988 B
Diff
Raw Permalink Blame History

From 62aa64e5aea21dd969db97aded4443c98c0735ac Mon Sep 17 00:00:00 2001
From: Eric Covener <covener@apache.org>
Date: Mon, 24 Jun 2024 17:51:42 +0000
Subject: [PATCH] Merge r1918548 from trunk:
mod_http2: early exit if bb is null
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1918557 13f79535-47bb-0310-9956-ffa450edef68
---
mod_http2/h2_c2.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/mod_http2/h2_c2.c b/mod_http2/h2_c2.c
index a955200..c65a521 100644
--- a/mod_http2/h2_c2.c
+++ b/mod_http2/h2_c2.c
@@ -370,6 +370,13 @@ static apr_status_t h2_c2_filter_out(ap_filter_t* f, apr_bucket_brigade* bb)
h2_conn_ctx_t *conn_ctx = h2_conn_ctx_get(f->c);
apr_status_t rv;
+ if (bb == NULL) {
+#if !AP_MODULE_MAGIC_AT_LEAST(20180720, 1)
+ f->c->data_in_output_filters = 0;
+#endif
+ return APR_SUCCESS;
+ }
+
ap_assert(conn_ctx);
#if AP_HAS_RESPONSE_BUCKETS
if (!conn_ctx->has_final_response) {
--
2.33.0
Reference in New Issue View Git Blame Copy Permalink