httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jim Jagielski <...@jaguNET.com>
Subject Re: [PATCH] Candidate 1: Re: 1.3.3x digest/nonce issue
Date Fri, 16 Apr 2004 13:47:34 GMT

On Apr 16, 2004, at 9:39 AM, Jim Jagielski wrote:

> Jeff Trawick wrote:
>
>> Anybody want to think about what happens if we're so unlucky that the
>> ap_user_name or ap_pid_fname string with '\0' is smaller than 
>> sizeof(unsigned
>> long) and just happens to be allocated at the end of a page?  
>> Unlikely, but
>> still...  Maybe those are supposed to be &ap_user_name, 
>> &ap_listeners, etc.?
>>
>
> In which case we could use our native '%pp' format (which we
> should be doing anyway). From my read of it, I think that Dirk's
> intent was to use the *addresses* of those parameters, so
> yeah, I think that's not quite right.
>
>

Maybe something like this:

Index: src/main/http_core.c
===================================================================
RCS file: /home/cvs/apache-1.3/src/main/http_core.c,v
retrieving revision 1.333
diff -u -r1.333 http_core.c
--- src/main/http_core.c        15 Apr 2004 15:51:51 -0000      1.333
+++ src/main/http_core.c        16 Apr 2004 13:46:03 -0000
@@ -563,13 +563,12 @@
       * But then again - you should use AuthDigestRealmSeed in your 
config
       * file if you care. So the adhoc value should do.
       */
-    return ap_psprintf(r->pool,"%lu%lu%lu%lu%lu%s",
-           *(unsigned long *)&((r->connection->local_addr).sin_addr ),
-           *(unsigned long *)ap_user_name,
-           *(unsigned long *)ap_listeners,
-           *(unsigned long *)ap_server_argv0,
-           *(unsigned long *)ap_pid_fname,
-           "WHAT_THE_HECK_GOES_HERE?");
+    return ap_psprintf(r->pool,"%pp%pp%pp%pp%pp",
+           (void *)&((r->connection->local_addr).sin_addr ),
+           (void *)ap_user_name,
+           (void *)ap_listeners,
+           (void *)ap_server_argv0,
+           (void *)ap_pid_fname);
  }

  API_EXPORT(const char *) ap_default_type(request_rec *r)


Mime
View raw message