diff options
| author | Henning Brauer <henning@cvs.openbsd.org> | 2002-06-17 17:25:50 +0000 |
|---|---|---|
| committer | Henning Brauer <henning@cvs.openbsd.org> | 2002-06-17 17:25:50 +0000 |
| commit | d6d06a1e4203636543d2078b47d6af7cc2fb563c (patch) | |
| tree | 6f7bffece46d0857d555401722351cb1dfa6001e /usr.sbin | |
| parent | 6e4e348282d890a37ee97b57338e297e349bd954 (diff) | |
work around a possible buffer overflow in chunk handling.
ok beck@
Diffstat (limited to 'usr.sbin')
| -rw-r--r-- | usr.sbin/httpd/src/main/http_protocol.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/usr.sbin/httpd/src/main/http_protocol.c b/usr.sbin/httpd/src/main/http_protocol.c index f61342b3c77..f86be0d4e06 100644 --- a/usr.sbin/httpd/src/main/http_protocol.c +++ b/usr.sbin/httpd/src/main/http_protocol.c @@ -2068,7 +2068,7 @@ API_EXPORT(long) ap_get_client_block(request_rec *r, char *buffer, int bufsiz) unsigned long max_body; if (!r->read_chunked) { /* Content-length read */ - len_to_read = (r->remaining > bufsiz) ? bufsiz : r->remaining; + len_to_read = (r->remaining > (unsigned int)bufsiz) ? bufsiz : r->remaining; len_read = ap_bread(r->connection->client, buffer, len_to_read); if (len_read <= 0) { if (len_read < 0) @@ -2180,7 +2180,7 @@ API_EXPORT(long) ap_get_client_block(request_rec *r, char *buffer, int bufsiz) /* Otherwise, we are in the midst of reading a chunk of data */ - len_to_read = (r->remaining > bufsiz) ? bufsiz : r->remaining; + len_to_read = (r->remaining > (unsigned int)bufsiz) ? bufsiz : r->remaining; len_read = ap_bread(r->connection->client, buffer, len_to_read); if (len_read <= 0) { |