summaryrefslogtreecommitdiff
path: root/www/apache24/patches/patch-CVE-2016-8740-2.4.23
blob: 4d69be605f3beaaf98b55c1986a679529dc1d0e9 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
$NetBSD: patch-CVE-2016-8740-2.4.23,v 1.1 2016/12/11 23:52:55 taca Exp $

Patch for CVE-2016-8740.

--- modules/http2/h2_stream.c.orig	2016-06-09 10:38:10.000000000 +0000
+++ modules/http2/h2_stream.c
@@ -322,18 +322,18 @@ apr_status_t h2_stream_add_header(h2_str
                                            HTTP_REQUEST_HEADER_FIELDS_TOO_LARGE);
             }
         }
-    }
-    
-    if (h2_stream_is_scheduled(stream)) {
-        return h2_request_add_trailer(stream->request, stream->pool,
-                                      name, nlen, value, vlen);
-    }
-    else {
-        if (!input_open(stream)) {
-            return APR_ECONNRESET;
+        
+        if (h2_stream_is_scheduled(stream)) {
+            return h2_request_add_trailer(stream->request, stream->pool,
+                                          name, nlen, value, vlen);
+        }
+        else {
+            if (!input_open(stream)) {
+                return APR_ECONNRESET;
+            }
+            return h2_request_add_header(stream->request, stream->pool,
+                                         name, nlen, value, vlen);
         }
-        return h2_request_add_header(stream->request, stream->pool,
-                                     name, nlen, value, vlen);
     }
 }