mirror of
git://git.openembedded.org/meta-openembedded
synced 2026-04-02 19:09:26 +00:00
12d4f40a4a
Details: https://nvd.nist.gov/vuln/detail/CVE-2022-24801 Pick the commits from the pull request that is referenced by the NVD report. (The full set is consisting of 13 patches, but the ones that only updated news/readme/typo fixes in comments were not backported) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
26 lines
834 B
Diff
26 lines
834 B
Diff
From 349771026e1eb80cab7a19ceb8b80aa6d1bb3184 Mon Sep 17 00:00:00 2001
|
|
From: Tom Most <twm@freecog.net>
|
|
Date: Fri, 1 Apr 2022 20:47:59 -0700
|
|
Subject: [PATCH] Address review feedback
|
|
|
|
Upstream-Status: Backport [https://github.com/twisted/twisted/commit/2bbd6c89110f0d44d2bb109c14d787f65bca9df8]
|
|
CVE: CVE-2022-24801
|
|
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
|
---
|
|
src/twisted/web/http.py | 6 +++---
|
|
1 file changed, 3 insertions(+), 3 deletions(-)
|
|
|
|
diff --git a/src/twisted/web/http.py b/src/twisted/web/http.py
|
|
index 81df437..4a2ce1d 100644
|
|
--- a/src/twisted/web/http.py
|
|
+++ b/src/twisted/web/http.py
|
|
@@ -420,7 +420,7 @@ def _ishexdigits(b: bytes) -> bool:
|
|
for c in b:
|
|
if c not in b"0123456789abcdefABCDEF":
|
|
return False
|
|
- return bool(b)
|
|
+ return b != b""
|
|
|
|
|
|
def _hexint(b: bytes) -> int:
|