Documentation Source Text

Check-in [c1e08a3709]
Login
Home Timeline Branches Tickets Wiki More...

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:In althttpd.c, fix a potential NULL ptr dereference following a CGI that returns an empty string.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256: c1e08a3709f06f3575f4d11aca3cbd08cebff3472c48e8583da0a773531fd194
User & Date: drh 2020-11-15 13:16:32
Context
2020-11-16
12:03
Merge changes from the 3.33 branch. (check-in: 8bdbb88c52 user: drh tags: trunk)
2020-11-15
13:16
In althttpd.c, fix a potential NULL ptr dereference following a CGI that returns an empty string. (check-in: c1e08a3709 user: drh tags: trunk)
2020-11-09
13:42
Update the rescode.html document with recently added result codes. (check-in: c57bdcc203 user: drh tags: trunk)
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to misc/althttpd.c. 

1446
1447
1448
1449
1450
1451
1452

1453
1454



1455
1456
1457
1458
1459
1460
1461

        aRes = realloc(aRes, nMalloc+1);
        if( aRes==0 ){
           Malfunction(610, "Out of memory: %d bytes", nMalloc);
        }
      }
      aRes[nRes++] = c;
    }

    aRes[nRes] = 0;
    nOut += printf("Content-length: %d\r\n\r\n%s", (int)nRes, aRes);



  }
  free(aRes);
  fclose(in);
}

/*
** Send an SCGI request to a host identified by zFile and process the








>
|
|
>
>
>








1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465

        aRes = realloc(aRes, nMalloc+1);
        if( aRes==0 ){
           Malfunction(610, "Out of memory: %d bytes", nMalloc);
        }
      }
      aRes[nRes++] = c;
    }
    if( nRes ){
      aRes[nRes] = 0;
      nOut += printf("Content-length: %d\r\n\r\n%s", (int)nRes, aRes);
    }else{
      nOut += printf("Content-length: 0\r\n\r\n");
    }
  }
  free(aRes);
  fclose(in);
}

/*
** Send an SCGI request to a host identified by zFile and process the

1811
1812
1813
1814
1815
1816
1817
1818
1819
1820
1821
1822
1823
1824
1825

      "Ezooms/",
      "HTTrace",
      "AhrefsBot",
      "MicroMessenger",
      "OPPO A33 Build",
      "SemrushBot",
    };
    int ii;
    for(ii=0; ii<sizeof(azDisallow)/sizeof(azDisallow[0]); ii++){
      if( strstr(zAgent,azDisallow[ii])!=0 ){
        Forbidden(250);  /* LOG: Disallowed user agent */
      }
    }
#if 0
    /* Spider attack from 2019-04-24 */








|








1815
1816
1817
1818
1819
1820
1821
1822
1823
1824
1825
1826
1827
1828
1829

      "Ezooms/",
      "HTTrace",
      "AhrefsBot",
      "MicroMessenger",
      "OPPO A33 Build",
      "SemrushBot",
    };
    size_t ii;
    for(ii=0; ii<sizeof(azDisallow)/sizeof(azDisallow[0]); ii++){
      if( strstr(zAgent,azDisallow[ii])!=0 ){
        Forbidden(250);  /* LOG: Disallowed user agent */
      }
    }
#if 0
    /* Spider attack from 2019-04-24 */

This page was generated in about 0.006s by Fossil 2.25 [89da205267] 2024-04-30 10:17:13