[Ur] few security patches
Sergey Mironov
grrwlf at gmail.com
Sat Sep 6 05:49:14 EDT 2014
Hi. Let me post a few more patches dealing with security.
1_of_4_Check_realloc_s_return_code_to_prevent_segfault_on_out_of_memory_condition__Part_2_.patch
This patch re-fixes the realloc problem from the previous patch. I
forgot to restore the pointer to buffer in case of realloc error.
2_of_4_Replace_common__if__quiet__printf_______pattern_with_a_macro.patch
This one replaces the common if(!quiet) printf(...) pattern with a safe macro.
3_of_4_Check_realloc_s_return_code_to_prevent_segfault_on_out_of_memory_condition__Part_3_.patch
Here we have more realloc fixes, this time in http.c.
4_of_4_Introduce_recv_timeout_controlled_by___T__option_in_http_c.patch
The most important one: I found that http.c-based applications suffer
from a kind of DDoS attack where an attacker opens connections to the
application, but sends no data. As soon as all threads block in their
[recv]s, the application stops answering requests. This patch helps to
protect the application by setting up a timeout for recv and an option
to control it.
Please, review/apply!
Regards,
Sergey
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 1_of_4_Check_realloc_s_return_code_to_prevent_segfault_on_out_of_memory_condition__Part_2_.patch
Type: text/x-patch
Size: 1434 bytes
Desc: not available
URL: <http://www.impredicative.com/pipermail/ur/attachments/20140906/ce754742/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 2_of_4_Replace_common__if__quiet__printf_______pattern_with_a_macro.patch
Type: text/x-patch
Size: 3085 bytes
Desc: not available
URL: <http://www.impredicative.com/pipermail/ur/attachments/20140906/ce754742/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 3_of_4_Check_realloc_s_return_code_to_prevent_segfault_on_out_of_memory_condition__Part_3_.patch
Type: text/x-patch
Size: 1612 bytes
Desc: not available
URL: <http://www.impredicative.com/pipermail/ur/attachments/20140906/ce754742/attachment-0002.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 4_of_4_Introduce_recv_timeout_controlled_by___T__option_in_http_c.patch
Type: text/x-patch
Size: 3169 bytes
Desc: not available
URL: <http://www.impredicative.com/pipermail/ur/attachments/20140906/ce754742/attachment-0003.bin>
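The idle-connection problem described for patch 4, as an added example that is not part of the original message or of the Ur/Web sources: a worker read with a bounded wait, so a silent peer yields a timeout instead of pinning the thread. The patch body is not shown on this page, so the use of SO_RCVTIMEO, the function names, the socketpair stand-in for an accepted connection and the sample request are all assumptions.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <unistd.h>

enum read_result { READ_DATA, READ_CLOSED, READ_TIMEOUT, READ_ERROR };

/* Bound how long recv() may block on this socket (assumed mechanism: SO_RCVTIMEO). */
static int set_recv_timeout(int fd, long ms) {
    struct timeval tv = { .tv_sec = ms / 1000, .tv_usec = (ms % 1000) * 1000 };
    return setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof tv);
}

/* One worker read: classify the result so the caller can drop idle peers. */
static enum read_result read_request(int fd, char *buf, size_t len) {
    ssize_t n;
    do { n = recv(fd, buf, len, 0); } while (n < 0 && errno == EINTR);
    if (n > 0) return READ_DATA;
    if (n == 0) return READ_CLOSED;
    /* With a receive timeout set, an expired wait reports EAGAIN/EWOULDBLOCK. */
    return (errno == EAGAIN || errno == EWOULDBLOCK) ? READ_TIMEOUT : READ_ERROR;
}

/* Constructed demo: a socketpair stands in for an accepted client connection.
   If `request` is NULL the peer connects but stays silent. */
static int demo_peer(const char *request, size_t request_len, long timeout_ms) {
    int sv[2];
    char buf[128];
    enum read_result r = READ_ERROR;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) return READ_ERROR;
    if (set_recv_timeout(sv[0], timeout_ms) == 0) {
        if (request) (void)send(sv[1], request, request_len, 0);
        r = read_request(sv[0], buf, sizeof buf);
    }
    close(sv[0]);
    close(sv[1]);
    return r;
}

int main(void) {
    static const char req[] = "GET / HTTP/1.1\r\n\r\n"; /* constructed sample */
    printf("silent peer  -> %d (READ_TIMEOUT=%d)\n", demo_peer(NULL, 0, 200), READ_TIMEOUT);
    printf("talking peer -> %d (READ_DATA=%d)\n", demo_peer(req, sizeof req - 1, 200), READ_DATA);
    return 0;
}
```

A per-recv timeout only bounds each individual wait: a peer that sends one byte just before every deadline still holds its thread, so an overall per-request deadline is the usual companion to this setting.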