#! /bin/sh /usr/share/dpatch/dpatch-run
# Fix memory consumption when receiving lots of small packets
# CVE-2010-1623
@DPATCH@
diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' lenny-apr-util~/buckets/apr_brigade.c lenny-apr-util/buckets/apr_brigade.c
--- lenny-apr-util~/buckets/apr_brigade.c 2010-09-30 17:10:50.094743227 +0200
+++ lenny-apr-util/buckets/apr_brigade.c 2010-09-30 17:11:48.178286666 +0200
@@ -326,7 +326,19 @@
return APR_SUCCESS;
}
APR_BUCKET_REMOVE(e);
- APR_BRIGADE_INSERT_TAIL(bbOut, e);
+ if (APR_BUCKET_IS_METADATA(e) || len > APR_BUCKET_BUFF_SIZE/4) {
+ APR_BRIGADE_INSERT_TAIL(bbOut, e);
+ }
+ else {
+ if (len > 0) {
+ rv = apr_brigade_write(bbOut, NULL, NULL, str, len);
+ if (rv != APR_SUCCESS) {
+ apr_bucket_destroy(e);
+ return rv;
+ }
+ }
+ apr_bucket_destroy(e);
+ }
readbytes += len;
/* We didn't find an APR_ASCII_LF within the maximum line length. */
if (readbytes >= maxbytes) {
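Review bot: The new branch on `len > APR_BUCKET_BUFF_SIZE/4` has no comment explaining why small data buckets are copied into bbOut rather than moved, so the quarter-buffer cutoff reads as arbitrary and a later cleanup could restore the plain `APR_BRIGADE_INSERT_TAIL` and reintroduce the memory growth this patch fixes. I would add above the `if`: `/* Copy small data buckets into bbOut instead of moving them, so a line arriving in many tiny fragments does not keep one bucket per fragment alive (CVE-2010-1623). */`. It is also worth a short note that `apr_bucket_destroy(e)` must stay after `apr_brigade_write()`, since `str` presumably points into the data owned by `e`. `str` and `len` are assigned outside this hunk, so confirm that against the read call earlier in the loop. The enclosing function starts and ends outside the hunk.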