httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From stodd...@apache.org
Subject cvs commit: httpd-2.0/modules/experimental mod_mem_cache.c
Date Mon, 06 May 2002 17:23:50 GMT
stoddard    02/05/06 10:23:50

  Modified:    modules/experimental mod_mem_cache.c
  Log:
  Protect from buffer overflow when populating a HEAP based cache object.
  
  Revision  Changes    Path
  1.57      +10 -5     httpd-2.0/modules/experimental/mod_mem_cache.c
  
  Index: mod_mem_cache.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/experimental/mod_mem_cache.c,v
  retrieving revision 1.56
  retrieving revision 1.57
  diff -u -r1.56 -r1.57
  --- mod_mem_cache.c	6 May 2002 16:17:49 -0000	1.56
  +++ mod_mem_cache.c	6 May 2002 17:23:49 -0000	1.57
  @@ -816,11 +816,16 @@
           if (rv != APR_SUCCESS) {
               return rv;
           }
  -        /* XXX Check for overflow */
  -        if (len ) {
  -            memcpy(cur, s, len);
  -            cur+=len;
  -            obj->count+=len;
  +        if (len) {
  +            /* Check for buffer overflow */
  +           if ((obj->count + len) > mobj->m_len) {
  +               return APR_ENOMEM;
  +           }
  +           else {
  +               memcpy(cur, s, len);
  +               cur+=len;
  +               obj->count+=len;
  +           }
           }
           /* This should not happen, but if it does, we are in BIG trouble
            * cause we just stomped all over the heap.
  
  
  

Mime
View raw message