1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
$NetBSD: patch-CVE-2016-8740-2.4.23,v 1.1 2016/12/11 23:52:55 taca Exp $
Patch for CVE-2016-8740.
--- modules/http2/h2_stream.c.orig 2016-06-09 10:38:10.000000000 +0000
+++ modules/http2/h2_stream.c
@@ -322,18 +322,18 @@ apr_status_t h2_stream_add_header(h2_str
HTTP_REQUEST_HEADER_FIELDS_TOO_LARGE);
}
}
- }
-
- if (h2_stream_is_scheduled(stream)) {
- return h2_request_add_trailer(stream->request, stream->pool,
- name, nlen, value, vlen);
- }
- else {
- if (!input_open(stream)) {
- return APR_ECONNRESET;
+
+ if (h2_stream_is_scheduled(stream)) {
+ return h2_request_add_trailer(stream->request, stream->pool,
+ name, nlen, value, vlen);
+ }
+ else {
+ if (!input_open(stream)) {
+ return APR_ECONNRESET;
+ }
+ return h2_request_add_header(stream->request, stream->pool,
+ name, nlen, value, vlen);
}
- return h2_request_add_header(stream->request, stream->pool,
- name, nlen, value, vlen);
}
}
|
