mirror of
git://git.openembedded.org/meta-openembedded
synced 2026-04-02 19:09:26 +00:00
12d4f40a4a
Details: https://nvd.nist.gov/vuln/detail/CVE-2022-24801 Pick the commits from the pull request that is referenced by the NVD report. (The full set is consisting of 13 patches, but the ones that only updated news/readme/typo fixes in comments were not backported) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
26 lines
928 B
Diff
26 lines
928 B
Diff
From c6838374d0e323b78877ae546e1471c400e4652d Mon Sep 17 00:00:00 2001
|
|
From: Tom Most <twm@freecog.net>
|
|
Date: Mon, 7 Mar 2022 00:32:14 -0800
|
|
Subject: [PATCH] Reject non-digit Content-Length
|
|
|
|
Upstream-Status: Backport [https://github.com/twisted/twisted/commit/8ebfa8f6577431226e109ff98ba48f5152a2c416]
|
|
CVE: CVE-2022-24801
|
|
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
|
---
|
|
src/twisted/web/http.py | 2 ++
|
|
1 file changed, 2 insertions(+)
|
|
|
|
diff --git a/src/twisted/web/http.py b/src/twisted/web/http.py
|
|
index 262da0b..5316d81 100644
|
|
--- a/src/twisted/web/http.py
|
|
+++ b/src/twisted/web/http.py
|
|
@@ -2274,6 +2274,8 @@ class HTTPChannel(basic.LineReceiver, policies.TimeoutMixin):
|
|
|
|
# Can this header determine the length?
|
|
if header == b"content-length":
|
|
+ if not data.isdigit():
|
|
+ return fail()
|
|
try:
|
|
length = int(data)
|
|
except ValueError:
|