← Back to branch summary

~ubuntu-branches/ubuntu/saucy/lighttpd/saucy

« back to all changes in this revision

Viewing changes to src/http_auth.c

  • Committer: Package Import Robot
  • Author(s): Mahyuddin Susanto
  • Date: 2011-12-20 17:32:22 UTC
  • Revision ID: package-import@ubuntu.com-20111220173222-a55k0846zbd6pxzo
Tags: 1.4.28-2ubuntu4
https://launchpad.net/bugs/906792
* debian/patches/CVE-2011-4362.patch: Fix DoS because of incorrect code in
  src/http_auth.c:67 (LP: #906792)
  - CVE-2011-4362

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/http_auth.c
89
89
        ch = in[0];
90
90
        /* run through the whole string, converting as we go */
91
91
        for (i = 0; i < in_len; i++) {
92
 
                ch = in[i];
 
92
                ch = (unsigned char) in[i];
93
93
 
94
94
                if (ch == '\0') break;
95
95