apr-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "William A. Rowe, Jr." <wr...@rowe-clan.net>
Subject bug in apr_brigade.c
Date Wed, 23 Jan 2002 17:04:44 GMT
This code below is buggy on LARGEFILE platforms, since the apr_off_t tmp
brigade length may not fit in memory (the apr_size_t actual.)

This is actually really crufty - since this code needs to deal with -1
length buckets - they are read [seperately] to resolve the length and 
then recopied into the flatten bucket [from zero copy to three copy 
in 10e-6 seconds].  Actually that's an assumption that apr_brigade_length
still does so, I'm not certain.  If not, I presume apr_brigade_length
may have returned -1.

And I'm really uncomfortable about 'adding' null terminators.  But that's
a different point.

For the real issue, any solution, brigade hackers?


APU_DECLARE(char *) apr_brigade_pflatten(apr_bucket_brigade *bb,
                                         apr_pool_t *pool)
    apr_off_t tmp;
    apr_size_t actual;
    char *c;

    apr_brigade_length(bb, 1, &tmp);
    actual = tmp;
    c = apr_palloc(pool, actual + 1);
    apr_brigade_flatten(bb, c, &actual);
    c[actual] = '\0';

    return APR_SUCCESS;

View raw message