Skip to content

Commit

Permalink
Fix stack overflow that can occur in libevhtp
Browse files Browse the repository at this point in the history 
libevhtp allocates a stack based on data length
when C99 is detected at compile time. There are
no checks to verify that the stack is big enough
which can cause a stack overflow.

Adding EVHTP_HAS_C99=false at compile time changes
this behavior by allocate to a buffer which has
proper checks in place.

More information about this bug can be found at:
Yellow-Camper/libevhtp#118
haiwen/seafile#1928

MFH:		2019Q3


git-svn-id: svn+ssh://svn.freebsd.org/ports/head@510747 35697150-7ecd-e111-bb59-0022644237b5
  • Loading branch information
Richard Gallamore authored and Richard Gallamore committed Sep 1, 2019
1 parent 520f967 commit c555020
Showing 1 changed file with 3 additions and 2 deletions.
5 changes: 3 additions & 2 deletions www/libevhtp/Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

PORTNAME= libevhtp
PORTVERSION= 1.2.16
PORTREVISION= 3
PORTREVISION= 4
CATEGORIES= www

MAINTAINER= ultima@FreeBSD.org
Expand All @@ -19,7 +19,8 @@ USE_GITHUB= yes
GH_ACCOUNT= criticalstack

CMAKE_ARGS= -DCMAKE_INCLUDE_PATH:PATH=include/event2 \
-DCMAKE_LIBRARY_PATH:PATH=lib/event2
-DCMAKE_LIBRARY_PATH:PATH=lib/event2 \
-DEVHTP_HAS_C99:BOOL=FALSE

PLIST_SUB= PORTVERSION=${PORTVERSION}

Expand Down

0 comments on commit c555020

Please sign in to comment.