From: André Malo Date: Tue, 25 May 2004 20:16:19 +0000 (+0000) Subject: parse content-length correctly using apr_strtoff function X-Git-Tag: pre_ajp_proxy~221 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=a800869190350d500b3ef18b7e84b07f0546250c;p=apache parse content-length correctly using apr_strtoff function git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@103769 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/modules/mappers/mod_negotiation.c b/modules/mappers/mod_negotiation.c index a6ad3c8d04..1a8f89695f 100644 --- a/modules/mappers/mod_negotiation.c +++ b/modules/mappers/mod_negotiation.c @@ -987,7 +987,18 @@ static int read_type_map(apr_file_t **map, negotiation_state *neg, has_content = 1; } else if (!strncmp(buffer, "content-length:", 15)) { - mime_info.bytes = apr_atoi64((char *)body); + char *errp; + apr_off_t number; + + if (apr_strtoff(&number, body, &errp, 10) + || *errp || number < 0) { + ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, + "Parse error in type map, Content-Length: " + "'%s' in %s is invalid.", + body, r->filename); + break; + } + mime_info.bytes = number; has_content = 1; } else if (!strncmp(buffer, "content-language:", 17)) { @@ -2557,7 +2568,7 @@ static void set_neg_headers(request_rec *r, negotiation_state *neg, /* Note that the Alternates specification (in rfc2295) does * not require that we include {length x}, so we could omit it * if determining the length is too expensive. We currently - * always include it though. 22 bytes is enough for 2^64. + * always include it though. * * If the variant is a CGI script, find_content_length would * return the length of the script, not the output it