httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Randy Terbush <ra...@hyperreal.com>
Subject cvs commit: apache/src mod_cookies.c
Date Sun, 12 Jan 1997 00:45:56 GMT
randy       97/01/11 16:45:55

  Branch:      src       RELEASE_1_1_X
  Modified:    src       mod_cookies.c
  Log:
  Fix a buffer overflow problem which could allow unauthorized access.
  Reviewed by: Marc Slemko, Randy Terbush, Ben Laurie
  Submitted by: Alfred Huger <ahuger@secnet.com>
  
  Revision  Changes    Path
  1.9.2.2   +4 -1      apache/src/Attic/mod_cookies.c
  
  Index: mod_cookies.c
  ===================================================================
  RCS file: /export/home/cvs/apache/src/Attic/mod_cookies.c,v
  retrieving revision 1.9.2.1
  retrieving revision 1.9.2.2
  diff -C3 -r1.9.2.1 -r1.9.2.2
  *** mod_cookies.c	1996/07/04 13:04:22	1.9.2.1
  --- mod_cookies.c	1997/01/12 00:45:54	1.9.2.2
  ***************
  *** 119,125 ****
    void make_cookie(request_rec *r)
    {
        struct timeval tv;
  !     char new_cookie[100];	/* blurgh */
        char *dot;
        const char *rname = pstrdup(r->pool, 
    				get_remote_host(r->connection, r->per_dir_config,
  --- 119,125 ----
    void make_cookie(request_rec *r)
    {
        struct timeval tv;
  !     char new_cookie[1024];	/* blurgh */
        char *dot;
        const char *rname = pstrdup(r->pool, 
    				get_remote_host(r->connection, r->per_dir_config,
  ***************
  *** 128,133 ****
  --- 128,136 ----
        struct timezone tz = { 0 , 0 };
    
        if ((dot = strchr(rname,'.'))) *dot='\0';	/* First bit of hostname */
  +     if (strlen (rname) > 255)
  +       rname[256] = 0;
  + 
        gettimeofday(&tv, &tz);
        sprintf(new_cookie,"%s%s%d%ld%d; path=/",
            COOKIE_NAME, rname,
  
  
  

Mime
View raw message