httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marc Slemko <ma...@worldgate.com>
Subject be cautious of dynamic allocation
Date Tue, 31 Mar 1998 05:47:23 GMT
A lot of the core of the server was _not_ written with dynamic allocation
in mind, and there were in mid 1.2 betas a _lot_ of places where avoiding
buffer overflows relied on the implicit assumption that there was a limit
on the size of certain things that was propogated down.

I'm not advocating that way of coding, and I think I have all of those
cases fixed, but it is just a caution that changing things to use dynamic
allocation can cause unforseen security side-effects due to other broken
code.



Mime
View raw message