srs icon indicating copy to clipboard operation
srs copied to clipboard
verified publisher icon ossrs

Fix: Potential Vulnerability in HTTP Parser Implementation

Open yannaingtun opened this issue 10 months ago • 1 comments

Description This PR fixes a security vulnerability in http_parser_execute() that was cloned from node but did not receive the security patch. The original issue was reported and fixed under nodejs/node@fc70ce0. This PR applies the same patch to eliminate the vulnerability.

References

  • https://nvd.nist.gov/vuln/detail/CVE-2020-8287
  • https://github.com/nodejs/node/commit/fc70ce08f5818a286fb5899a1bc3aff5965a745e

yannaingtun avatar Feb 27 '25 16:02 yannaingtun

Please resolve the errors in the pipeline first.

TRANS_BY_GPT4

duiniuluantanqin avatar Feb 28 '25 05:02 duiniuluantanqin

Thank you, but the PR has been closed for too long a time.

winlinvip avatar Aug 12 '25 01:08 winlinvip