httpd-dev mailing list archives

From Marc Slemko <ma...@znep.com>
Subject Re: buffer overflow patches are here
Date Sat, 18 Jan 1997 19:31:32 GMT

The memory is only used when someone is actually getting the server info,
no?  I don't consider that to be a huge waste.

There are some directives w/info that are beginning to get almost close to
256 chars, so why have limits that could crop up and hurt you later?
OTOH, your argument that "if they are longer than that, who cares" is also
valid.

If you do think it is a waste, check out some of the stuff in
http_protocol.c, which uses MAX_STRING_LENGTH for a buffer to sprintf a
long int into.  (This is just a BTW, not a lame "they did it so I can")

I also have a dislike for a zillion hard-coded constants all over when
they aren't needed. There are places in the code where having that sort of
thing makes the code quite hard to deal with.

I don't suppose any of the above are more valid than your argument, and
the main reason I changed it in the first place was because I had to in
the first go at the patches to make things work.  Unless anyone else says
anything, I will change it back to 256 (or perhaps add a define?).

On Sat, 18 Jan 1997 rasmus@lerdorf.on.ca wrote:

> In mod_info.c you changed "char buf[256]" to "char buf[HUGE_STRING_LEN]"
> How come?
> 
> 256 should be plenty, and even if it isn't, it doesn't matter.  The
> buf pointer only points to informational items. Seeing the first 255
> characters of one of the items is adequate.  I don't think it is worth
> another 8K on the stack.  Obviously the sprintf() to ap_snprintf() changes
> you made are needed.
> 
> -Rasmus
> 
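
Added example, not part of the original thread and not Apache code: the two buffer-sizing points discussed above, using C99 snprintf() as a stand-in for ap_snprintf(). It shows an informational item cut safely at a 256-byte buffer and a long formatted into a buffer sized for the type. INFO_BUF_LEN, LONG_DEC_BUFSZ, the function names, the format string and the sample input are all assumptions made for illustration.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>
#define INFO_BUF_LEN 256 /* hypothetical name for the thread's 256 */
/* Worst-case decimal long: 3 digits per 10 bits rounded up, sign, NUL. */
#define LONG_DEC_BUFSZ (sizeof(long) * CHAR_BIT * 3 / 10 + 3)

/* Returns 0 if the item fit, 1 if truncated to size-1 chars, -1 on error.
 * Never writes past buf[size-1]; buf is NUL-terminated when size > 0. */
int format_info_item(char *buf, size_t size, const char *name, const char *info)
{
    int n;
    if (buf == NULL || size == 0)
        return -1;
    n = snprintf(buf, size, "%s - %s", name, info); /* constructed format */
    if (n < 0) {
        buf[0] = '\0';
        return -1;
    }
    return (size_t)n >= size;
}

/* Returns characters written, or -1 if the value did not fit. */
int format_long(char *buf, size_t size, long v)
{
    int n = snprintf(buf, size, "%ld", v);
    return (n >= 0 && (size_t)n < size) ? n : -1;
}

static char demo_buf[INFO_BUF_LEN];
/* Constructed input: an info string of info_len 'x' characters. */
int demo_format(size_t info_len)
{
    char info[512];
    if (info_len >= sizeof info)
        info_len = sizeof info - 1;
    memset(info, 'x', info_len);
    info[info_len] = '\0';
    return format_info_item(demo_buf, sizeof demo_buf, "ExampleDirective", info);
}

int main(void)
{
    char num[LONG_DEC_BUFSZ];
    printf("truncated=%d\n", demo_format(300));
    printf("kept=%lu LONG_MIN uses %d of %lu bytes\n", (unsigned long)strlen(demo_buf),
           format_long(num, sizeof num, LONG_MIN), (unsigned long)sizeof num);
    return 0;
}
```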

