httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 14631] - Passing unsafe_source data buffer to strstr
Date Mon, 18 Nov 2002 14:09:24 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=14631>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=14631

Passing unsafe_source data buffer to strstr

trawick@apache.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |INVALID



------- Additional Comments From trawick@apache.org  2002-11-18 14:09 -------
It is definitely weird code, but the strstr() call does not need a
terminating '\0' because it is guaranteed to find the tag before
the end of the buffer due to the line right before the call to
strstr().

The strncpy() call right before strstr() puts a copy of the tag 
after the data read from the file, so strstr() definitely has 
something to find.

But thanks for looking anyway :)  More eyes are always good.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message