DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=14631>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=14631
Passing unsafe_source data buffer to strstr
trawick@apache.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |INVALID
------- Additional Comments From trawick@apache.org 2002-11-18 14:09 -------
It is definitely weird code, but the strstr() call does not need a
terminating '\0' because it is guaranteed to find the tag before
the end of the buffer due to the line right before the call to
strstr().
The strncpy() call right before strstr() puts a copy of the tag
after the data read from the file, so strstr() definitely has
something to find.
But thanks for looking anyway :) More eyes are always good.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
|