apr-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Simone <bassosim...@slacky.it>
Subject Re: apr_brigade_split_line() may leave zero length bucket in input brigade
Date Tue, 04 Dec 2007 12:03:27 GMT
Joe Orton wrote:
> On Mon, Dec 03, 2007 at 10:08:10AM +0100, Simone wrote:
>> I found that apr_brigade_split_line() may leave a zero length Heap
>> bucket in bbIn brigade, when such brigade contains exactly a line. I've
>> read the source (1.2.10) and I think it happens in apr_bucket_split(),
>> given the fact that the point where to split equals original bucket's
>> length.
> 
> As you say, this isn't a bug; but avoiding the split in that case is 
> cheap so might as well be done.

I like this idea: I think it's better to avoid the split rather than to
document such special case. Just a question: isn't it better to patch
apr_bucket_simple_split()? I guess that the same problem could be
triggered by other functions calling simple_split(), isn't it?

--- apr_buckets_simple.c.orig   2007-12-04 08:26:51.000000000 +0100
+++ apr_buckets_simple.c        2007-12-04 08:27:51.000000000 +0100
@@ -33,6 +33,9 @@
      if (point > a->length) {
          return APR_EINVAL;
      }
+    else if (point == a->length) {
+        return APR_SUCCESS;
+    }

      apr_bucket_simple_copy(a, &b);









Mime
View raw message