httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From thom...@apache.org
Subject cvs commit: httpd-2.0/support htdigest.c
Date Tue, 13 May 2003 15:39:08 GMT
thommay     2003/05/13 08:39:08

  Modified:    .        Tag: APACHE_2_0_BRANCH CHANGES STATUS
               support  Tag: APACHE_2_0_BRANCH htdigest.c
  Log:
  Backport htdigest buffer overflow fixes from 2.1
  Reviewed by: Andre Malo, Jeff Trawick
  
  Revision  Changes    Path
  No                   revision
  
  
  No                   revision
  
  
  1.988.2.88 +2 -0      httpd-2.0/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/CHANGES,v
  retrieving revision 1.988.2.87
  retrieving revision 1.988.2.88
  diff -u -r1.988.2.87 -r1.988.2.88
  --- CHANGES	13 May 2003 14:49:38 -0000	1.988.2.87
  +++ CHANGES	13 May 2003 15:39:07 -0000	1.988.2.88
  @@ -1,5 +1,7 @@
   Changes with Apache 2.0.46
   
  +  *) forward port of buffer overflow fixes for htdigest. [Thom May]
  +
     *) Added AllowEncodedSlashes directive to permit control of whether
        the server will accept encoded slashes ('%2f') in the URI path.
        Default condition is off (the historical behaviour).  This permits
  
  
  
  1.751.2.250 +1 -4      httpd-2.0/STATUS
  
  Index: STATUS
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/STATUS,v
  retrieving revision 1.751.2.249
  retrieving revision 1.751.2.250
  diff -u -r1.751.2.249 -r1.751.2.250
  --- STATUS	13 May 2003 15:10:46 -0000	1.751.2.249
  +++ STATUS	13 May 2003 15:39:07 -0000	1.751.2.250
  @@ -228,9 +228,6 @@
         server/core.c r1.232+r1.235
         +1: trawick, stoddard
   
  -    * Fix for a pair of potential buffer overflows in htdigest.
  -      support/htdigest.c r1.36
  -      +1: thommay, nd, trawick
   
       * Hook mod_rewrite's type checker before mod_mime's one. That way the
         RewriteRule [T=...] Flag should work as expected now. PR 19626.
  
  
  
  No                   revision
  
  
  No                   revision
  
  
  1.33.2.3  +2 -2      httpd-2.0/support/htdigest.c
  
  Index: htdigest.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/support/htdigest.c,v
  retrieving revision 1.33.2.2
  retrieving revision 1.33.2.3
  diff -u -r1.33.2.2 -r1.33.2.3
  --- htdigest.c	9 Mar 2003 16:58:16 -0000	1.33.2.2
  +++ htdigest.c	13 May 2003 15:39:08 -0000	1.33.2.3
  @@ -307,8 +307,8 @@
   	fprintf(stderr, "Use -c option to create new one.\n");
   	cleanup_tempfile_and_exit(1);
       }
  -    strcpy(user, argv[3]);
  -    strcpy(realm, argv[2]);
  +    apr_cpystrn(user, argv[3], sizeof(user));
  +    apr_cpystrn(realm, argv[2], sizeof(realm));
   
       found = 0;
       while (!(get_line(line, MAX_STRING_LEN, f))) {
  
  
  

Mime
View raw message