httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bnicho...@apache.org
Subject cvs commit: httpd-2.0/server util.c
Date Wed, 12 Feb 2003 17:17:10 GMT
bnicholes    2003/02/12 09:17:10

  Modified:    server   util.c
  Log:
  Avoid passing too many characters to getenv.  Make sure that only the
  environment variable string is passed.
  
  Revision  Changes    Path
  1.137     +3 -1      httpd-2.0/server/util.c
  
  Index: util.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/server/util.c,v
  retrieving revision 1.136
  retrieving revision 1.137
  diff -u -r1.136 -r1.137
  --- util.c	3 Feb 2003 17:53:19 -0000	1.136
  +++ util.c	12 Feb 2003 17:17:09 -0000	1.137
  @@ -837,8 +837,10 @@
                  strncat(tmp,word,s - word);
                  if ((s[1] == '{') && (e=ap_strchr_c(s,'}'))) {
                          const char *e2 = e;
  +                       char *var;
                          word = e + 1;
  -                       e = getenv(s+2);
  +                       var = apr_pstrndup(p, s+2, e2-(s+2));
  +                       e = getenv(var);
                          if (e) {
                              strcat(tmp,e);
                          } else {
  
  
  

Mime
View raw message