httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeff Trawick <traw...@attglobal.net>
Subject Re: [PATCH] Candidate 1: Re: 1.3.3x digest/nonce issue
Date Fri, 16 Apr 2004 13:23:25 GMT
Jim Jagielski wrote:
> I'm suggesting changing the static string "WHAT_THE_HECK_GOES_HERE?"
> in ap_auth_nonce() to ap_get_server_name()...
> 
> comments?

see my prior comment on that section of code ;)

Dirk's later patch got rid of extra "%s" in the format string, so zap the last 
"%s" as well as my lame "WHAT_THE_HECK_GOES_HERE?".

Anybody want to think about what happens if we're so unlucky that the 
ap_user_name or ap_pid_fname string with '\0' is smaller than sizeof(unsigned 
long) and just happens to be allocated at the end of a page?  Unlikely, but 
still...  Maybe those are supposed to be &ap_user_name, &ap_listeners, etc.?

Mime
View raw message