httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Martin Kraemer <Martin.Krae...@mch.sni.de>
Subject Re: [PATCH] fix pcfg_openfile() (was: mod_auth-any/1672: Authentication / .htaccess DoS attack)
Date Thu, 15 Jan 1998 21:12:44 GMT
On Thu, Jan 15, 1998 at 02:06:31PM -0700, Marc Slemko wrote:
> 
> No, read the first bit.  You trash the request if you don't reach end of
> line before end of the 8k buffer you read from.

But suppose you read from /dev/tape, and the first n kilobytes
indeed look sensible? Say, the tape is filled with 2GB worth of
newlines?

I would prefer to check the device first.

    Martin
-- 
| S I E M E N S |  <Martin.Kraemer@mch.sni.de>  |      Siemens Nixdorf
| ------------- |   Voice: +49-89-636-46021     |  Informationssysteme AG
| N I X D O R F |   FAX:   +49-89-636-44994     |   81730 Munich, Germany
~~~~~~~~~~~~~~~~My opinions only, of course; pgp key available on request

Mime
View raw message