From 75594f2d4a7c1240eac7aa7d14c9521f4dc4c284 Mon Sep 17 00:00:00 2001
From: Stefan Eissing <icing@apache.org>
Date: Wed, 25 May 2022 11:32:52 +0000
Subject:   *) mod_md: a logic bug in sending long OCSP HTTP request bodies was
 fixed.      This did not happen in normal use as request sizes for OSCP
 queries      never exceed that length.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1901230 13f79535-47bb-0310-9956-ffa450edef68
---
 modules/md/md_curl.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'modules/md/md_curl.c')

diff --git a/modules/md/md_curl.c b/modules/md/md_curl.c
index 3a69ad4d98..0a399f9a50 100644
--- a/modules/md/md_curl.c
+++ b/modules/md/md_curl.c
@@ -64,6 +64,7 @@ static size_t req_data_cb(void *data, size_t len, size_t nmemb, void *baton)
     apr_bucket_brigade *body = baton;
     size_t blen, read_len = 0, max_len = len * nmemb;
     const char *bdata;
+    char *rdata = data;
     apr_bucket *b;
     apr_status_t rv;
     
@@ -81,9 +82,10 @@ static size_t req_data_cb(void *data, size_t len, size_t nmemb, void *baton)
                     apr_bucket_split(b, max_len);
                     blen = max_len;
                 }
-                memcpy(data, bdata, blen);
+                memcpy(rdata, bdata, blen);
                 read_len += blen;
                 max_len -= blen;
+                rdata += blen;
             }
             else {
                 body = NULL;
-- 
cgit v1.2.3