httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Manoj Kasichainula <man...@raleigh.ibm.com>
Subject [PATCH] Fix memory leaks and security hole in APR
Date Wed, 03 Nov 1999 22:56:07 GMT
The attached patch repairs all the instances of malloc and strdup
without free that I found. I did this on all the platforms, so all the
non-Unix code is untested. Please complain about things I broke!

This also fixes a potential buffer overflow in ap_fprintf that could
probably be exploited rather easily if this code was released. Now,
ap_fprintf is uniform between all the platforms; it probably ought to
be shared code.

This'll probably be committed tomorrow; tonight if I get fidgety.

-- 
Manoj Kasichainula - manojk@raleigh.ibm.com
IBM, Apache Development

Mime
View raw message