httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject [Bug 56038] mod_session excludes not processed correctly
Date Mon, 20 Jan 2014 20:35:42 GMT

--- Comment #2 from Erik Pearson <> ---
Yes, it would.

BTW shouldn't the actual fix be according to Apache coding standards, whatever
that is? I haven't truly coded in C for years. A quick scan of the source tree
shows mixed usage of strncmp(). Often it is treated as a boolean; other times
as an integer with a numeric comparison. 

I would think from a code clarity position, the integer comparisons, with ==0
for a match and !=0 for a non-match, would be best. The boolean usage reads
counter for me -- you have to use !strncmp() to mean a match. Although for C
programmers the idiom may be second nature.

Maybe a macro like STARTS_WITH would have been clearer?

In this case, and out of scope of this bug, I would argue that this should be a
regex comparison -- it will likely be matched to authentication requirements.
That is, to avoid the session overhead on nonauthenticated resources, one would
probably want to use the same expression here as in a LocationMatch or whatever
is used to set up a pattern for authentication.

You are receiving this mail because:
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message