httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brian Behlendorf <>
Subject Re: host truncation bug seems to be in mod_cookies.c
Date Mon, 22 Apr 1996 21:19:28 GMT

D'oh!  from mod_cookies.c:

void make_cookie(request_rec *r)
    struct timeval tv;
    char new_cookie[100];       /* blurgh */
    char *dot;
    const char *rname = get_remote_host(r->connection, r->per_dir_config,
    struct timezone tz = { 0 , 0 };

    if ((dot = strchr(rname,'.'))) *dot='\0';   /* First bit of hostname */
    gettimeofday(&tv, &tz);
    sprintf(new_cookie,"%s%s%d%ld%d; path=/",
        COOKIE_NAME, rname,
        (long)tv.tv_sec, (int)tv.tv_usec/1000 );


get_remote_host returns a pointer directly into the conn structure, 
so the strchr truncates it.  Eeek. 

Should it be fixed by having the subroutine do a pstrdup, 
or should get_remote_host return a copy of the string instead?  I think 
the former, something might depend on the behavior of the latter....


--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--  |  We're hiring!

View raw message