axis-c-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Henrik Nordberg (JIRA)" <axis-c-...@ws.apache.org>
Subject [jira] Created: (AXISCPP-826) Apache2Transport::getBytes() may lead to access violation
Date Tue, 13 Sep 2005 02:23:30 GMT
Apache2Transport::getBytes() may lead to access violation
---------------------------------------------------------

         Key: AXISCPP-826
         URL: http://issues.apache.org/jira/browse/AXISCPP-826
     Project: Axis-C++
        Type: Bug
  Components: Transport (Server), Transport (axis2), Server - Apache module  
    Versions: unspecified    
    Reporter: Henrik Nordberg


You can't use a function like strstr() on a non-null terminated string, such as the buffer
filled by ap_get_client_block(). This is done in Apache2Transport::getBytes() in Apache2Transport.cpp,
where the following code is copied from:

    len_read = ap_get_client_block((request_rec*) m_pContext, pBuffer, *piSize);
 
  if (strstr(pBuffer, "Content-Id")) {
  pAttachmentHelper = new AttachmentHelper();
...

pBuffer must be terminated with a '\0' before you can use it in a call to strstr(). So maybe
that if(strstr... block should be moved down to just before return TRANSPORT_FINISHED; ? I
am not sure of the intention of the code, so the author should make the decision.



-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message