[OpenSIPS-Devel] [OpenSIPS/opensips] a0824c: parse_content_length(): Fix out-of-bounds read edg...
Liviu Chircu
noreply at github.com
Wed Feb 8 16:09:44 UTC 2023
Branch: refs/heads/3.1
Home: https://github.com/OpenSIPS/opensips
Commit: a0824c2784b8343d22ccb2de35206f9ecebfe998
https://github.com/OpenSIPS/opensips/commit/a0824c2784b8343d22ccb2de35206f9ecebfe998
Author: Liviu Chircu <liviu at opensips.org>
Date: 2023-02-08 (Wed, 08 Feb 2023)
Changed paths:
M parser/parse_content.c
M parser/test/test_parser.c
Log Message:
-----------
parse_content_length(): Fix out-of-bounds read edge-case (OSS-Fuzz)
This patch fixes several off-by-one read overflows while parsing a bad
Content-Length header. Similar to a008e7c23, the error was mostly
harmless, as the supplied buffer is typically much larger in the runtime
usage of parse_msg().
Severity: Low
Fixes OSS-Fuzz#53397
(cherry picked from commit e060fe93429b6da665a4d4210a49876b43223a17)
More information about the Devel
mailing list