From ec4b0240a453aa667ff764590f05c0296eefbf9f Mon Sep 17 00:00:00 2001
From: CoprDistGit <infra@openeuler.org>
Date: Tue, 6 Aug 2024 02:28:51 +0000
Subject: automatic import of libmicrohttpd

---
 cve-2023-27371.patch | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 cve-2023-27371.patch

(limited to 'cve-2023-27371.patch')

diff --git a/cve-2023-27371.patch b/cve-2023-27371.patch
new file mode 100644
index 0000000..fa85125
--- /dev/null
+++ b/cve-2023-27371.patch
@@ -0,0 +1,15 @@
+diff --git a/src/microhttpd/postprocessor.c b/src/microhttpd/postprocessor.c
+index 99074215..c00605c7 100644
+--- a/src/microhttpd/postprocessor.c
++++ b/src/microhttpd/postprocessor.c
+@@ -83,7 +83,7 @@ MHD_create_post_processor (struct MHD_Connection *connection,
+       return NULL; /* failed to determine boundary */
+     boundary += MHD_STATICSTR_LEN_ ("boundary=");
+     blen = strlen (boundary);
+-    if ( (blen == 0) ||
++    if ( (blen < 2) ||
+          (blen * 2 + 2 > buffer_size) )
+       return NULL;              /* (will be) out of memory or invalid boundary */
+     if ( (boundary[0] == '"') &&
+-- 
+cgit v1.2.3
-- 
cgit v1.2.3