httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rpl...@apache.org
Subject svn commit: r678160 - in /httpd/httpd/trunk: CHANGES modules/session/mod_session.c
Date Sat, 19 Jul 2008 14:00:23 GMT
Author: rpluem
Date: Sat Jul 19 07:00:23 2008
New Revision: 678160

URL: http://svn.apache.org/viewvc?rev=678160&view=rev
Log:
* Prevent a segfault when a CGI script sets a cookie with a null value.

Submitted by: David Shane Holden <dpejesh apache.org>
Reviewed by: rpluem

Modified:
    httpd/httpd/trunk/CHANGES
    httpd/httpd/trunk/modules/session/mod_session.c

Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=678160&r1=678159&r2=678160&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Sat Jul 19 07:00:23 2008
@@ -2,6 +2,8 @@
 Changes with Apache 2.3.0
 [ When backported to 2.2.x, remove entry from this file ]
 
+  *) mod_session: Prevent a segfault when a CGI script sets a cookie with a
+     null value. [David Shane Holden <dpejesh apache.org>]
 
   *) mod_headers: Prevent Header edit from processing only the first header
      of possibly multiple headers with the same name and deleting the

Modified: httpd/httpd/trunk/modules/session/mod_session.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/session/mod_session.c?rev=678160&r1=678159&r2=678160&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/session/mod_session.c (original)
+++ httpd/httpd/trunk/modules/session/mod_session.c Sat Jul 19 07:00:23 2008
@@ -364,7 +364,7 @@
             if (!val || !*val) {
                 apr_table_unset(z->entries, key);
             }
-            if (!ap_unescape_all(key) && !ap_unescape_all(val)) {
+            else if (!ap_unescape_all(key) && !ap_unescape_all(val)) {
                 if (!strcmp(SESSION_EXPIRY, key)) {
                     z->expiry = (apr_time_t) apr_atoi64(val);
                 }



Mime
View raw message