|
From: | Raimund 'Raimi' Jacob-Blödorn |
Subject: | Re: [bug-serveez] Serveez Information Leak Vulnerability |
Date: | Sat, 9 Nov 2019 16:58:02 +0100 |
User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.0 |
On 11/7/19 5:57 PM, Austin James Gadient wrote: Hello Austin!
Just following up. Have you had a chance to look at this?
Well, I cannot do much with your Mac OS compilation attempts.I tried to diff your sources against the "next" branch of the serveez git repository but could not identify any change of yours.
If I understand you correctly, it should be sufficient to make http->contentlength an unsigned int (and/or have an arbitrary cap somwhere).
I am really sorry to have so little time to investigate. But if you send mit a simple diff I'll do my best to apply it.
Greetings, Raimund
[Prev in Thread] | Current Thread | [Next in Thread] |