diff options
author | Peter Jones <pjones@redhat.com> | 2006-05-11 20:14:07 +0000 |
---|---|---|
committer | Peter Jones <pjones@redhat.com> | 2006-05-11 20:14:07 +0000 |
commit | 9c6b504fb9a574c2990c517ce6fb1d16067bbf39 (patch) | |
tree | cd87a25aef4a3e67d334f384f784f16f7609afa1 | |
parent | 4e271c0e2da15b4ef999131c0472d62ac3370a29 (diff) | |
download | anaconda-9c6b504fb9a574c2990c517ce6fb1d16067bbf39.tar.gz anaconda-9c6b504fb9a574c2990c517ce6fb1d16067bbf39.tar.xz anaconda-9c6b504fb9a574c2990c517ce6fb1d16067bbf39.zip |
- Fix size checking of http header array (#191184).anaconda-9.1.6.12-1.RHEL
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | anaconda.spec | 5 | ||||
-rw-r--r-- | loader2/ftp.c | 5 |
3 files changed, 12 insertions, 3 deletions
@@ -1,3 +1,8 @@ +2006-05-11 Peter Jones <pjones@redhat.com> + + * loader/ftp.c (httpGetFileDesc): don't use sizeof(header) anymore + since it's not an array. + 2006-05-05 Peter Jones <pjones@redhat.com> * loader2/Makefile: Put -Os back in, as the image is too large diff --git a/anaconda.spec b/anaconda.spec index 04199dd85..7e64dbed2 100644 --- a/anaconda.spec +++ b/anaconda.spec @@ -1,6 +1,6 @@ ExcludeArch: ppc64 Name: anaconda -Version: 9.1.6.11 +Version: 9.1.6.12 Release: 1.RHEL License: GPL Summary: The Red Hat Linux installation program. @@ -72,6 +72,9 @@ rm -rf $RPM_BUILD_ROOT /sbin/chkconfig --del reconfig >/dev/null 2>&1 || : %changelog +* Thu May 11 2006 Peter Jones <pjones@redhat.com> - 9.1.6.12-1.RHEL +- Fix size checking of http header array (#191184). + * Fri May 05 2006 Peter Jones <pjones@redhat.com> - 9.1.6.11-1.RHEL - Use -Os in the loader after all, or else boot images are too large (#190835). - Use a dynamic buffer for httpGetFileDesc in the loader (#188089). diff --git a/loader2/ftp.c b/loader2/ftp.c index 35f2312f7..8b69cf1e7 100644 --- a/loader2/ftp.c +++ b/loader2/ftp.c @@ -422,6 +422,7 @@ const char *ftpStrerror(int errorNumber) { /* extraHeaders is either NULL or a string with extra headers separated by '\r\n', ending with * '\r\n' */ +#define MAX_HTTP_HEADER_LEN 4096 int httpGetFileDesc(char * hostname, int port, char * remotename, char *extraHeaders) { char * buf; struct timeval timeout; @@ -467,7 +468,7 @@ int httpGetFileDesc(char * hostname, int port, char * remotename, char *extraHea 1) Get our first \r\n; which lets us check the return code 2) Get a \r\n\r\n, which means we're done */ - nextChar = headers = alloca(4096); + nextChar = headers = alloca(MAX_HTTP_HEADER_LEN); *nextChar = '\0'; checkedCode = 0; while (!strstr(headers, "\r\n\r\n")) { @@ -494,7 +495,7 @@ int httpGetFileDesc(char * hostname, int port, char * remotename, char *extraHea nextChar++; *nextChar = '\0'; - if (nextChar - headers == sizeof(headers)) { + if (nextChar - headers == MAX_HTTP_HEADER_LEN) { close(sock); return FTPERR_SERVER_IO_ERROR; } |