Date: Thu, 24 Jun 2004 03:10:19 +0900
From: "Akinori MUSHA" <knu@iDaemons.org>
To: freebsd-cvsweb@freebsd.org
Subject: limiting the query string length
Message-ID: <86eko6gn78.knu@iDaemons.org>
Hi,
What about limiting the query string length to prevent potential
exploit attacks against cvs?
Index: cvsweb.cgi
===================================================================
RCS file: /mirror/freebsd/ncvs/root/projects/projects/cvsweb/cvsweb.cgi,v
retrieving revision 1.259
diff -u -r1.259 cvsweb.cgi
--- cvsweb.cgi 8 May 2004 14:13:40 -0000 1.259
+++ cvsweb.cgi 23 Jun 2004 17:28:15 -0000
@@ -384,7 +384,9 @@
my %query = ();
if (defined($ENV{QUERY_STRING})) {
- for my $p (split(/[;&]+/, $ENV{QUERY_STRING})) {
+ my $qs = $ENV{QUERY_STRING};
+ length($qs) >= 1024 and fatal('500 Internal Error', 'Malformed request.');
+ for my $p (split(/[;&]+/, $qs)) {
next unless $p;
$p =~ y/+/ /;
my ($key, $val) = split(/=/, $p, 2);
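Review bot: the status sent back on the new `length($qs) >= 1024 and fatal('500 Internal Error', 'Malformed request.')` line is the wrong class for a client-supplied over-long query string; an oversized QUERY_STRING is a bad request from the client, not a server fault, so a 4xx such as '400 Bad Request' (or '414 Request-URI Too Long') describes it accurately and avoids polluting server-error logs and monitoring with what is really input validation. Two smaller points on the same line: `>=` rejects a query string of exactly 1024 bytes, so either the comparison should be `>` or the limit should be documented as "fewer than 1024"; and the bare 1024 deserves a named variable near the top of the script (with a comment on why that size was chosen) so the bound can be found and tuned later.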
Regards,
--
/
/__ __ Akinori.org / MUSHA.org
/ ) ) ) ) / FreeBSD.org / Ruby-lang.org
Akinori MUSHA aka / (_ / ( (__( @ iDaemons.org / and.or.jp
"It seems to me as we make our own few circles 'round the sun
We get it backwards and our seven years go by like one"
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86eko6gn78.knu>
