Lines 1382-1390
Link Here
|
1382 |
|
1382 |
|
1383 |
clen = apr_table_get(r->headers_in, "Content-Length"); |
1383 |
clen = apr_table_get(r->headers_in, "Content-Length"); |
1384 |
if (clen) { |
1384 |
if (clen) { |
1385 |
apr_off_t cl; |
1385 |
/* Works around https://github.com/apache/httpd/commit/2efe92b51dc4c33c907c9b8c17cb5038aad8038c |
1386 |
|
1386 |
* This commit tests if content-length is a valid long |
1387 |
if (!ap_parse_strict_length(&cl, clen)) { |
1387 |
* (calls strtol). However SSTP specifies that content-length |
|
|
1388 |
* must be ULONGLONG_MAX (18446744073709551615). |
1389 |
* The next 4 lines will replace the strtol check with strtoull. |
1390 |
*/ |
1391 |
char *end; |
1392 |
errno = 0; |
1393 |
strtoull(clen, &end, 10); |
1394 |
if ((errno != 0) || (*end != '\0') || (!apr_isdigit(*clen))) { |
1388 |
ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(10242) |
1395 |
ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(10242) |
1389 |
"client sent invalid Content-Length " |
1396 |
"client sent invalid Content-Length " |
1390 |
"(%s): %s", clen, r->uri); |
1397 |
"(%s): %s", clen, r->uri); |