httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bnicho...@apache.org
Subject cvs commit: httpd-2.0/server config.c
Date Mon, 12 Apr 2004 21:34:19 GMT
bnicholes    2004/04/12 14:34:19

  Modified:    .        Tag: APACHE_2_0_BRANCH STATUS
               server   Tag: APACHE_2_0_BRANCH config.c
  Log:
  Don't allocation large buffers on the stack to avoid over-running a fixed length stack when
ap_build_cont_config() is called recursively (ie. nested <IfDefine> blocks).
  
  Reviewed by: bnicholes, nd, trawick
  
  Revision  Changes    Path
  No                   revision
  No                   revision
  1.751.2.815 +1 -8      httpd-2.0/STATUS
  
  Index: STATUS
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/STATUS,v
  retrieving revision 1.751.2.814
  retrieving revision 1.751.2.815
  diff -u -r1.751.2.814 -r1.751.2.815
  --- STATUS	12 Apr 2004 21:26:25 -0000	1.751.2.814
  +++ STATUS	12 Apr 2004 21:34:18 -0000	1.751.2.815
  @@ -115,13 +115,6 @@
            http://cvs.apache.org/viewcvs.cgi/httpd-2.0/server/core.c?r1=1.272&r2=1.273
          +1: nd (geoff)
   
  -    *) Nested <IfDefine> blocks will cause ap_build_cont_config()
  -       to be called recursively. Allocate the temporary 8k 
  -       string buffer from the temp_pool rather than the stack to 
  -       avoid over-running a fixed length stack.
  -         server/config.c: r1.174
  -       +1: bnicholes, nd, trawick
  -
       *) Fix segfault in mod_expires. PR 28047
            modules/metadata/mod_expires.c: r1.54
          +1: nd, bnicholes, trawick
  
  
  
  No                   revision
  No                   revision
  1.156.2.15 +7 -1      httpd-2.0/server/config.c
  
  Index: config.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/server/config.c,v
  retrieving revision 1.156.2.14
  retrieving revision 1.156.2.15
  diff -u -r1.156.2.14 -r1.156.2.15
  --- config.c	18 Feb 2004 22:24:12 -0000	1.156.2.14
  +++ config.c	12 Apr 2004 21:34:18 -0000	1.156.2.15
  @@ -985,10 +985,16 @@
                                                 ap_directive_t **curr_parent,
                                                 char *orig_directive)
   {
  -    char l[MAX_STRING_LEN];
  +    char *l;
       char *bracket;
       const char *retval;
       ap_directive_t *sub_tree = NULL;
  +
  +    /* Since this function can be called recursively, allocate
  +     * the temporary 8k string buffer from the temp_pool rather 
  +     * than the stack to avoid over-running a fixed length stack.
  +     */
  +    l = apr_palloc(temp_pool, MAX_STRING_LEN);
   
       bracket = apr_pstrcat(p, orig_directive + 1, ">", NULL);
       while (!(ap_cfg_getline(l, MAX_STRING_LEN, parms->config_file))) {
  
  
  

Mime
View raw message