httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ben Laurie <...@algroup.co.uk>
Subject Re: cvs commit: httpd-2.0/server gen_test_char.c
Date Sat, 03 Jan 2004 17:26:11 GMT
Joe Orton wrote:

> On Sat, Jan 03, 2004 at 04:31:32PM -0000, ben@apache.org wrote:
> 
>>ben         2004/01/03 08:31:32
>>
>>  Modified:    server   gen_test_char.c
>>  Log:
>>  Make forensic logging safe for POST data. The issue with strchr and NUL is
>>  a red herring.
> 
> 
> I don't think this is a safe change: 0 is now flagged with
> T_ESCAPE_FORENSIC|T_ESCAPE_LOGITEM|T_HTTP_TOKEN_STOP|T_ESCAPE_SHELL_CMD.  
> At least ap_find_token() assumes that 0 is not flagged with
> T_HTTP_TOKEN_STOP.

I shall fix it.

Cheers,

Ben.


-- 
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

Mime
View raw message