httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From thom...@apache.org
Subject cvs commit: httpd-2.0/support htdigest.c
Date Thu, 01 May 2003 13:45:38 GMT
thommay     2003/05/01 06:45:38

  Modified:    .        CHANGES
               support  htdigest.c
  Log:
  Forward port a fix for a pair of potential buffer overflows in htdigest from 1.3
  
  Revision  Changes    Path
  1.1156    +2 -0      httpd-2.0/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/CHANGES,v
  retrieving revision 1.1155
  retrieving revision 1.1156
  diff -u -r1.1155 -r1.1156
  --- CHANGES	24 Apr 2003 16:17:03 -0000	1.1155
  +++ CHANGES	1 May 2003 13:45:37 -0000	1.1156
  @@ -2,6 +2,8 @@
   
     [Remove entries to the current 2.0 section below, when backported]
   
  +  *) forward port of buffer overflow fixes for htdigest. [Thom May]
  +
     *) prefork MPM: Use the right permissions for the directory created 
        for gprof support.  [Jim Carlson <jcarlson@jnous.com>]
   
  
  
  
  1.36      +2 -2      httpd-2.0/support/htdigest.c
  
  Index: htdigest.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/support/htdigest.c,v
  retrieving revision 1.35
  retrieving revision 1.36
  diff -u -r1.35 -r1.36
  --- htdigest.c	5 Mar 2003 16:37:00 -0000	1.35
  +++ htdigest.c	1 May 2003 13:45:38 -0000	1.36
  @@ -307,8 +307,8 @@
   	fprintf(stderr, "Use -c option to create new one.\n");
   	cleanup_tempfile_and_exit(1);
       }
  -    strcpy(user, argv[3]);
  -    strcpy(realm, argv[2]);
  +    apr_cpystrn(user, argv[3], sizeof(user));
  +    apr_cpystrn(realm, argv[2], sizeof(realm));
   
       found = 0;
       while (!(get_line(line, MAX_STRING_LEN, f))) {
  
  
  

Mime
View raw message