Bug 54893

Summary: Buffer overrun in htdigest
Product: Apache httpd-2
Reporter: Petr Sumbera <petr.sumbera>
Component: support
Assignee: Apache HTTPD Bugs Mailing List <bugs>
Status: RESOLVED FIXED
Severity: normal
Keywords: FixedInTrunk
Priority: P2
Version: 2.2.24
Target Milestone: ---
Hardware: All
OS: All

Description Petr Sumbera 2013-04-25 16:09:07 UTC
Parfait reported the following:

Error: Buffer overrun
   Buffer overflow (CWE 120): In pointer dereference of s[i] with index 'i'
      Pointer size is 768 bytes, index is 768
        at line 105 of httpd-2.2.24/support/htdigest.c in function 'get_line'.
        called at line 258 in function 'main' with s = line.


This seems to be true also for HEAD.
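
The finding above is the index-equals-size case: a write to `s[768]` in a 768-byte buffer. As an added example (not code from htdigest.c, the reporter, or the committed fix), here is a bounded line reader that never writes past index n - 1 and rejects over-long lines. It assumes stdio `FILE *` rather than APR; `read_line_bounded` and `demo_long_line` are hypothetical names and the input is constructed.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical bounded reader (not htdigest's get_line). s has room for n
 * bytes. Returns 0 = line read, 1 = EOF with nothing read, -1 = line longer
 * than n - 1 bytes (the excess is consumed and dropped, so the next call
 * starts at the next line instead of mid-line). */
int read_line_bounded(char *s, size_t n, FILE *f)
{
    size_t i = 0;
    int ch, truncated = 0;
    if (n == 0)
        return -1;
    while ((ch = getc(f)) != EOF && ch != '\n') {
        if (ch == '\r')
            continue;
        if (i < n - 1)
            s[i++] = (char)ch;    /* highest index written here: n - 2 */
        else
            truncated = 1;        /* keep reading, store nothing */
    }
    s[i] = '\0';                  /* i <= n - 1, never s[n] */
    if (ch == EOF && i == 0 && !truncated)
        return 1;
    return truncated ? -1 : 0;
}

/* Constructed input: one 2000-byte line, then a short record. Returns 1 when
 * the long line is rejected and the byte after the buffer is untouched. */
int demo_long_line(void)
{
    struct { char line[768]; char guard; } b;
    FILE *f = tmpfile();
    int i, ok;
    if (f == NULL)
        return -2;
    b.guard = 0x5a;
    for (i = 0; i < 2000; i++)
        putc('A', f);
    fputs("\nuser:realm:0123abcd\n", f);
    rewind(f);
    ok = read_line_bounded(b.line, sizeof(b.line), f) == -1
         && strlen(b.line) == sizeof(b.line) - 1 && b.guard == 0x5a;
    ok = ok && read_line_bounded(b.line, sizeof(b.line), f) == 0
         && strcmp(b.line, "user:realm:0123abcd") == 0;
    fclose(f);
    return ok;
}

int main(void) { return demo_long_line() == 1 ? 0 : 1; }
```

Passing `sizeof(buffer)` at the call site, as the demo does, keeps the bound tied to the declaration if the buffer size changes later.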

Comment 1 Rainer Jung 2013-04-25 18:13:44 UTC
Fixed in trunk in r1475878.
Proposed for 2.4 and 2.2.
Thanks for the report.

Comment 2 Rainer Jung 2013-04-26 12:54:07 UTC
Fixed in 2.4 with r1476089.

Comment 3 Rainer Jung 2013-04-26 15:07:26 UTC
Fixed in 2.2.x with r1476242.

Fix will be released with 2.4.5 and 2.2.25.

Proposed for 2.0.x.