httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From thom...@apache.org
Subject cvs commit: apache-1.3/src CHANGES
Date Wed, 30 Apr 2003 11:43:50 GMT
thommay     2003/04/30 04:43:50

  Modified:    src/support htdigest.c
               src      CHANGES
  Log:
  Fix a pair of potential buffer overflows in htdigest
  
  Obtained from: Martin Schulze <joey@infodrom.org>
  Reviewed by: William Rowe, Sander Striker, David Reid
  
  Revision  Changes    Path
  1.37      +2 -2      apache-1.3/src/support/htdigest.c
  
  Index: htdigest.c
  ===================================================================
  RCS file: /home/cvs/apache-1.3/src/support/htdigest.c,v
  retrieving revision 1.36
  retrieving revision 1.37
  diff -u -r1.36 -r1.37
  --- htdigest.c	3 Feb 2003 17:13:37 -0000	1.36
  +++ htdigest.c	30 Apr 2003 11:43:49 -0000	1.37
  @@ -253,8 +253,8 @@
   	fprintf(stderr, "Use -c option to create new one.\n");
   	exit(1);
       }
  -    strcpy(user, argv[3]);
  -    strcpy(realm, argv[2]);
  +    ap_cpystrn(user, argv[3], sizeof(user));
  +    ap_cpystrn(realm, argv[2], sizeof(realm));
   
       found = 0;
       while (!(getline(line, MAX_STRING_LEN, f))) {
  
  
  
  1.1889    +3 -0      apache-1.3/src/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /home/cvs/apache-1.3/src/CHANGES,v
  retrieving revision 1.1888
  retrieving revision 1.1889
  diff -u -r1.1888 -r1.1889
  --- CHANGES	25 Apr 2003 13:50:22 -0000	1.1888
  +++ CHANGES	30 Apr 2003 11:43:49 -0000	1.1889
  @@ -1,4 +1,7 @@
   Changes with Apache 1.3.28
  +  
  +  *) Fix a pair of potential buffer overflows in htdigest
  +     [Martin Schulze <joey@infodrom.org>, Thom May]
   
     *) A newly created child now has a start_time of 0, to prevent
        mod_status from displaying a bogus value for the "time to
  
  
  

Mime
View raw message