coturn/coturn-4.5.1.1-cve-2020-6061.patch

From 51a7c2b9bf924890c7a3ff4db9c4976c5a93340a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?M=C3=A9sz=C3=A1ros=20Mih=C3=A1ly?= <misi@majd.eu>
Date: Mon, 17 Feb 2020 10:34:56 +0100
Subject: [PATCH] Fix: CVE-2020-6061/TALOS-2020-0984

---
 src/apps/relay/http_server.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/apps/relay/http_server.c b/src/apps/relay/http_server.c
index 573af49b..1126b49c 100644
--- a/src/apps/relay/http_server.c
+++ b/src/apps/relay/http_server.c
@@ -103,7 +103,7 @@ const char* get_http_date_header()
 
 static struct headers_list * post_parse(char *data, size_t data_len)
 {
-	while((*data=='\r')||(*data=='\n')) ++data;
+	while((*data=='\r')||(*data=='\n')) { ++data; --data_len; }
 	char *post_data = (char*)calloc(data_len + 1, sizeof(char));
 	memcpy(post_data, data, data_len);
 	char *fmarker = NULL;