Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / b810554f8f45e4488965b5a2fbfcd2f825fa9d3d
commitb810554f8f45e4488965b5a2fbfcd2f825fa9d3d[log] [tgz]
authorWilly Tarreau <w@1wt.eu>Wed Nov 24 18:31:28 2010 +0100
committerWilly Tarreau <w@1wt.eu>Sun Nov 28 07:06:22 2010 +0100
tree2050cc82139949639755944983985485de840fe3
parent77eb9b8a2d9a9b57b6f60c22a3d0203bbd7a936d [diff]
[CRITICAL] cookies: mixing cookies in indirect mode and appsession can crash the process

Cookies in indirect mode are removed from the cookie header. Three pointers
ought to be updated when appsession cookies are processed next, but were not.
The result is that a memcpy() can be called with a negative value causing the
process to crash. It is not sure whether this can be remotely exploited or not.
(cherry picked from commit c5f3749aa3ccfdebc4992854ea79823d26f66213)
1 file changed
tree: 2050cc82139949639755944983985485de840fe3
  1. contrib/
  2. doc/
  3. ebtree/
  4. examples/
  5. include/
  6. src/
  7. tests/
  8. .gitignore
  9. CHANGELOG
  10. LICENSE
  11. Makefile
  12. Makefile.bsd
  13. Makefile.osx
  14. README
  15. ROADMAP
  16. SUBVERS
  17. TODO
  18. VERDATE
  19. VERSION