Bugtraq mailing list archives

Fixing the NCSA HTTPD 1.3

From: lopatic () dbs informatik uni-muenchen de (Thomas Lopatic)
Date: Tue, 14 Feb 1995 19:54:17 +0100 (MET)


Hi there,

in addition to the posted patches, which fix the problem documented, I'd like
to suggest the following measures to make sure that buffer overflows don't
happen in other parts of the daemon either. Please comment.

1. define HUGE_STRING_LEN and MAX_STRING_LEN to a value of 4000 each
   (file httpd.h)

2. have getline() read only 1000 characters instead of HUGE_STRING_LEN
   (file http_request.c: getline(l,HUGE_STRING_LEN/4,in,timeout) instead
    of getline(l,HUGE_STRING_LEN,in,timeout))

This should at first sight pretty much eliminate the problem. It isn't at all
good style, but it should do until an official patch is ready. Does anyone see
any problems with this?

Greetings,
-Thomas

-- 
Thomas Lopatic                               lopatic () informatik uni-muenchen de

Current thread:

Vulnerability in NCSA HTTPD 1.3 Thomas Lopatic (Feb 13)
- Re: Vulnerability in NCSA HTTPD 1.3 Paul 'Shag' Walmsley (Feb 13)
  - Re: Vulnerability in NCSA HTTPD 1.3 Christopher Davis (Feb 14)
    - Re: Vulnerability in NCSA HTTPD 1.3 Robert M. Haas (Feb 14)
    - Re: Vulnerability in NCSA HTTPD 1.3 Christopher Davis (Feb 16)
  - Fixing the NCSA HTTPD 1.3 Thomas Lopatic (Feb 14)
    - Re: Fixing the NCSA HTTPD 1.3 Paul 'Shag' Walmsley (Feb 15)
    - Re: Fixing the NCSA HTTPD 1.3 Rens Troost (Feb 15)
    - Re: Fixing the NCSA HTTPD 1.3 Paul 'Shag' Walmsley (Feb 15)
    - For NCSA Http_1.05a Everett F Batey WA6CRE (Feb 15)
  - Sendmail 8.6.9 Nathan Lawson (Feb 14)
    - Re: Sendmail 8.6.9 Perry E. Metzger (Feb 14)
    - Re: Sendmail 8.6.9 Tom Fitzgerald (Feb 14)
    - Re: Sendmail 8.6.9 Perry E. Metzger (Feb 15)
  - Re: Vulnerability in NCSA HTTPD 1.3 Thomas Roessler (Feb 14)
  - Re: Vulnerability in NCSA HTTPD 1.3 Hannu Martikka (Feb 14)

(Thread continues...)