httpd-apreq-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Schaefer <joe+gm...@sunstarsys.com>
Subject Re: Bugreport: Segmentation fault when using wrong percent escapes
Date Thu, 11 Dec 2003 16:16:06 GMT
Max Kellermann <max@linuxtag.org> writes:

> Hi,
> 
> I found a bug in apreq2 v2.02-dev (which is still in CVS HEAD): when
> you decode a query string which uses an invalid percent escape
> (e.g. "test=foo%d"), apreq segfaults in function apr_table_addn.
> 
> This is because apreq_decode_param leaves param->v.name with a NULL
> value when it finds an invalid sequence. It also sets param->v.status
> to APR_BADARG. Calling function apreq_parse_query_string does not
> check param->v.status and tries to call apr_table_addn with NULL key.

Thanks!  I just applied a minor variant of your patch.

-- 
Joe Schaefer


Mime
View raw message