This is the mail archive of the ecos-bugs@sourceware.org mailing list for the eCos project.



[Bug 1000375] New: ATHTTPD security endless loop in invalid-Authorization parse


https://bugzilla.ecoscentric.com/show_bug.cgi?id=1000375

           Summary: ATHTTPD security endless loop in invalid-Authorization
                    parse
           Product: eCos
           Version: 2.0
          Platform: All
        OS/Version: Other
            Status: UNCONFIRMED
          Severity: critical
          Priority: normal
         Component: Other
        AssignedTo: jifl@ecoscentric.com
        ReportedBy: bugzilla_rmvthis@ds3switch.com
         QAContact: ecos-bugs@sources.redhat.com


It appears that the athttpd code that parses the Authorization line of a client response will experience an endless loop if an unknown token is encountered, due to the lack of a default case.

In cyg_httpd_process_header:946

                while ((*p != '\r') && (*p != '\n'))
                {
                    if (strncasecmp(p, "realm=", 6) == 0)
                        p = cyg_httpd_digest_skip(p + 6);
                    else if (strncasecmp(p, "username=", 9) == 0)
...
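The defect is that every branch of the loop advances `p` except the one that is missing: a token that is neither `realm=` nor `username=` leaves `p` where it was, so the loop condition never changes. The following is an added example, not the eCos athttpd source: it keeps the two tokens shown in the excerpt, replaces the unseen `cyg_httpd_digest_skip()` with a hypothetical `skip_value()` helper, and adds the default branch so an unrecognised `name=value` pair is consumed rather than spun on, with a no-progress check as a safety net.

```c
#include <strings.h>

/* Skip one parameter value (quoted or bare) plus any ", " that follows.
   Hypothetical stand-in for the report's cyg_httpd_digest_skip(). */
static const char *skip_value(const char *p)
{
    if (*p == '"') {
        p++;
        while (*p && *p != '"' && *p != '\r' && *p != '\n')
            p++;
        if (*p == '"')
            p++;
    } else {
        while (*p && *p != ',' && *p != ' ' && *p != '\r' && *p != '\n')
            p++;
    }
    while (*p == ',' || *p == ' ' || *p == '\t')
        p++;
    return p;
}

/* Walk the parameter list of a Digest Authorization value. Returns how
   many parameters were recognised, or -1 if an iteration made no
   progress (the condition under which the reported loop never exits). */
int parse_auth_params(const char *p)
{
    int recognised = 0;
    while (*p != '\0' && *p != '\r' && *p != '\n') {
        const char *start = p;
        if (strncasecmp(p, "realm=", 6) == 0) {
            p = skip_value(p + 6);
            recognised++;
        } else if (strncasecmp(p, "username=", 9) == 0) {
            p = skip_value(p + 9);
            recognised++;
        } else {
            /* The default case the report says is missing: consume the
               unknown "name=value" so p always moves forward. */
            while (*p && *p != '=' && *p != ',' && *p != '\r' && *p != '\n')
                p++;
            if (*p == '=')
                p++;
            p = skip_value(p);
        }
        if (p == start)      /* safety net: no progress means a hang */
            return -1;
    }
    return recognised;
}
```

A constructed header such as `username="alice", realm="eCos", nonce="abc", uri="/"` now parses to completion with two recognised parameters, where the original loop would have stalled on `nonce=`.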


