Highlights
Buffer Overflow: 2 prior fixes. Scrutinize any change in this area.
src/libhttpd.c: most-fixed (3 issues). Treat as high-risk during review.
1 high-severity fix in this history; regressions here are high-impact.
Recurring patterns
The bug types that recur here, drawn from past fixes, not open vulnerabilities.
Buffer Overflow: The URI path normalization function `de_dotdot` contained a heap buffer overflow due to an incorrect length calculation during a `memmove` operation, representing a high risk of memory corruption via manipulated URL requests.
Buffer Overflow: Trimming operations on empty path strings could result in an out-of-bounds array access (index underflow) when evaluating `checked[checkedlen - 1]` without verifying that `checkedlen` is greater than zero.
Denial of Service: A null pointer dereference leading to a daemon crash occurs when parsing a malformed or specially-crafted `.htpasswd` file, because the return value of `crypt()` is passed to `strcmp` without a prior NULL check.