[reSIProcate] Unsafe use of Content-Length in ConnectionBase
Byron Campen
bcampen at estacado.net
Tue Aug 29 16:04:55 CDT 2006
ConnectionBase uses header(h_ContentLength) without a try block in
two places. If Content-Length is malformed, we could end up with
strange behavior (I haven't dug very deep into precisely how
strange). Recommend we wrap these in try, and if something goes
wrong, scrap the connection.
Best regards,
Byron Campen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2369 bytes
Desc: not available
URL: <http://list.resiprocate.org/pipermail/resiprocate-devel/attachments/20060829/1bc8fb7a/attachment.bin>
More information about the resiprocate-devel
mailing list