httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From m...@hyperreal.org
Subject cvs commit: apache/support logresolve.c
Date Mon, 05 Jan 1998 21:06:15 GMT
marc        98/01/05 13:06:15

  Modified:    support  Tag: APACHE_1_2_X logresolve.c
  Log:
  SECURITY: Fix a possible buffer overflow in logresolve.  This is
  only an issue on systems without a MAXDNAME define or where the
  resolver returns domain names longer than MAXDNAME.
  
  Reviewed by:	Martin Kraemer, Mark J Cox, Dean Gaudet, Randy Terbush
  
  Revision  Changes    Path
  No                   revision
  
  
  No                   revision
  
  
  1.7.2.1   +3 -1      apache/support/logresolve.c
  
  Index: logresolve.c
  ===================================================================
  RCS file: /export/home/cvs/apache/support/logresolve.c,v
  retrieving revision 1.7
  retrieving revision 1.7.2.1
  diff -u -r1.7 -r1.7.2.1
  --- logresolve.c	1997/02/04 23:54:28	1.7
  +++ logresolve.c	1998/01/05 21:06:15	1.7.2.1
  @@ -202,7 +202,9 @@
       } else
   	cachehits++;
   
  -    strcpy(string, (*current)->hostname);
  +    /* size of string == MAXDNAME +1 */
  +    strncpy(string, (*current)->hostname, MAXDNAME);
  +    string[MAXDNAME] = '\0';
   }
   
   /*
  
  
  

Mime
View raw message