Content-Length header should always be interpreted as a decimal.

Leading 0  could be erroneously considered as an octal value. PR 56598.
[Chris Card <ctcard hotmail com>]

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1626086 13f79535-47bb-0310-9956-ffa450edef68

CHANGES

@@ -1,6 +1,10 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.5.0
 
+  *) Content-Length header should be always interpreted as a decimal. Leading 0
+     could be erroneously considered as an octal value. PR 56598.
+     [Chris Card <ctcard hotmail com>]
+  
   *) SECURITY: CVE-2014-3581 (cve.mitre.org)
      mod_cache: Avoid a crash when Content-Type has an empty value. PR56924.
      [Mark Montague <mark catseye.org>, Jan Kaluza]

modules/apreq/filter.c

@@ -124,7 +124,7 @@ void apreq_filter_init_context(ap_filter_t *f)
 
     if (cl_header != NULL) {
         char *dummy;
-        apr_uint64_t content_length = apr_strtoi64(cl_header,&dummy,0);
+        apr_uint64_t content_length = apr_strtoi64(cl_header, &dummy, 10);
 
         if (dummy == NULL || *dummy != 0) {
             ap_log_rerror(APLOG_MARK, APLOG_ERR, APR_EGENERAL, r, APLOGNO(02045)

server/apreq_module_cgi.c

@@ -352,7 +352,7 @@ static void init_body(apreq_handle_t *handle)
 
     if (cl_header != NULL) {
         char *dummy;
-        apr_int64_t content_length = apr_strtoi64(cl_header, &dummy, 0);
+        apr_int64_t content_length = apr_strtoi64(cl_header, &dummy, 10);
 
         if (dummy == NULL || *dummy != 0) {
             req->body_status = APREQ_ERROR_BADHEADER;