authorglarkin <glarkin@FreeBSD.org>2011-03-18 01:45:41 +0800
committerglarkin <glarkin@FreeBSD.org>2011-03-18 01:45:41 +0800
commit37e1bf4e861f0e21d5fc618df6d3cec52fb42c6a (patch)
tree10ba2b57ee8515729e81165b64ffa250f2fe0d87 /www
parent0874aa5aea06d0f76871b19f6b117a500c3765b6 (diff)
downloadfreebsd-ports-gnome-37e1bf4e861f0e21d5fc618df6d3cec52fb42c6a.tar.gz
freebsd-ports-gnome-37e1bf4e861f0e21d5fc618df6d3cec52fb42c6a.tar.zst
freebsd-ports-gnome-37e1bf4e861f0e21d5fc618df6d3cec52fb42c6a.zip
- Added patch to circumvent integer overflow in Content-Length header
parsing, until new upstream package is released. PR: ports/155027 Submitted by: C-S <c-s@c-s.li> Security: b13414c9-50ba-11e0-975a-000c29cc39d3 Security: http://www.hiawatha-webserver.org/weblog/16 Security: http://secunia.com/advisories/43660/
Diffstat (limited to 'www')
-rw-r--r--www/hiawatha/Makefile1
-rw-r--r--www/hiawatha/files/patch-hiawatha.c19
2 files changed, 20 insertions, 0 deletions
diff --git a/www/hiawatha/Makefile b/www/hiawatha/Makefile
index 82a17c989d02..deb5cc5c553a 100644
--- a/www/hiawatha/Makefile
+++ b/www/hiawatha/Makefile
@@ -7,6 +7,7 @@
PORTNAME= hiawatha
PORTVERSION= 7.4
+PORTREVISION= 1
CATEGORIES= www
MASTER_SITES= http://www.hiawatha-webserver.org/files/ \
http://www.c-s.li/ports/
diff --git a/www/hiawatha/files/patch-hiawatha.c b/www/hiawatha/files/patch-hiawatha.c
new file mode 100644
index 000000000000..c6c00ed61877
--- /dev/null
+++ b/www/hiawatha/files/patch-hiawatha.c
@@ -0,0 +1,19 @@
+--- ./hiawatha.c.orig 2010-11-02 17:03:24.000000000 -0400
++++ ./hiawatha.c 2011-02-25 16:41:31.000000000 -0500
+@@ -34,6 +34,7 @@
+ #include <sys/wait.h>
+ #include <sys/socket.h>
+ #include <sys/time.h>
++#include <limits.h>
+ #include "alternative.h"
+ #include "mimetype.h"
+ #include "serverconfig.h"
+@@ -418,7 +419,7 @@
+ *strend = '\0';
+ content_length = str2int(strstart);
+ *strend = '\r';
+- if (content_length < 0) {
++ if ((content_length < 0) || (INT_MAX - content_length - 2 <= header_length)) {
+ result = 400;
+ break;
+ }
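Review bot: The added bound on `content_length` is only effective if `str2int()` itself rejects digit strings that do not fit in an `int`, and that function is defined outside this hunk. If it accumulates digits without a range check, an oversized Content-Length value could presumably wrap to a small non-negative number and pass both tests, so confirm that it returns a negative value on overflow or parse with `strtol()` and check `errno == ERANGE` before this comparison. The constant `2` and the type of `header_length` are not explained in the visible lines; a comment such as `/* reject when header_length + content_length + 2 would exceed INT_MAX */` would make the intent reviewable, and if `header_length` is not a plain `int` the comparison should be checked for implicit signed/unsigned conversion. The enclosing loop and function start and end outside the hunk.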