Return-Path: 
 <dev-return-36251-apmail-httpd-dev-archive=httpd.apache.org@httpd.apache.org>
Delivered-To: apmail-httpd-dev-archive@httpd.apache.org
Received: (qmail 6468 invoked by uid 500); 19 Feb 2003 05:56:52 -0000
Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@httpd.apache.org
list-help: <mailto:dev-help@httpd.apache.org>
list-unsubscribe: <mailto:dev-unsubscribe@httpd.apache.org>
list-post: <mailto:dev@httpd.apache.org>
Delivered-To: mailing list dev@httpd.apache.org
Received: (qmail 6453 invoked from network); 19 Feb 2003 05:56:52 -0000
Message-ID: <3E53018F.6050800@stason.org>
Date: Wed, 19 Feb 2003 15:01:19 +1100
From: Stas Bekman <stas@stason.org>
Organization: Hope, Humanized
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.1) Gecko/20020826
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: dev@httpd.apache.org
Cc: Richard Clarke <ric@likewhoa.com>
Subject: Re: [patch 1.3] avoid segfaults in ap_unescape_url with empty strings
References: <3E53129C.9000402@stason.org>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N

Stas Bekman wrote:
> This ia an apache-1.3 issue

please disregard this one for now. I couldn't reproduce the problem and 
based the possible solution on the posted backtrace, but it looks like 
it's not what's happenning. I'll follow up after I dig more into this.

> Richard Clarke <ric@likewhoa.com> has reported the following segfault on 
> the modperl list. The following patch tries to prevent the segfault:
> 
> Program received signal SIGBUS, Bus error.
> 0x80b445b in ap_unescape_url (url=0x8162e89 "") at util.c:1609
> 1609        url[x] = '\0';
> (gdb) bt
> #0  0x80b445b in ap_unescape_url (url=0x8162e89 "") at util.c:1609
> #1  0x8085c20 in XS_Apache_unescape_url (cv=0x8227b0c) at Apache.c:931
> [...]
> 
> Index: src/main/util.c
> ===================================================================
> RCS file: /home/cvspublic/apache-1.3/src/main/util.c,v
> retrieving revision 1.206
> diff -u -r1.206 util.c
> --- src/main/util.c     18 Jun 2002 00:59:58 -0000      1.206
> +++ src/main/util.c     19 Feb 2003 05:12:04 -0000
> @@ -1588,6 +1588,10 @@
>  {
>      register int x, y, badesc, badpath;
> 
> +    /* if the url is empty just return */
> +    if (url && url[0] == '\0')
> +        return OK;
> +
>      badesc = 0;
>      badpath = 0;
>      for (x = 0, y = 0; url[y]; ++x, ++y) {
> 
> 
> 
> __________________________________________________________________
> Stas Bekman            JAm_pH ------> Just Another mod_perl Hacker
> http://stason.org/     mod_perl Guide ---> http://perl.apache.org
> mailto:stas@stason.org http://use.perl.org http://apacheweek.com
> http://modperlbook.org http://apache.org   http://ticketmaster.com


-- 


__________________________________________________________________
Stas Bekman            JAm_pH ------> Just Another mod_perl Hacker
http://stason.org/     mod_perl Guide ---> http://perl.apache.org
mailto:stas@stason.org http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com