httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Plüm, Rüdiger, VF-Group <ruediger.pl...@vodafone.com>
Subject Re: svn commit: r561616 - in /httpd/httpd/trunk: CHANGES modules/proxy/proxy_util.c
Date Wed, 01 Aug 2007 09:10:19 GMT


> -----Ursprüngliche Nachricht-----
> Von: Joe Orton 
> Gesendet: Mittwoch, 1. August 2007 10:06
> An: dev@httpd.apache.org
> Cc: Davi Arnaut
> Betreff: Re: svn commit: r561616 - in /httpd/httpd/trunk: 
> CHANGES modules/proxy/proxy_util.c
> 
> 
> On Wed, Aug 01, 2007 at 12:58:21AM -0000,  wrote:
> > Author: niq
> > Date: Tue Jul 31 17:58:20 2007
> > New Revision: 561616
> > 
> > URL: http://svn.apache.org/viewvc?view=rev&rev=561616
> > Log:
> > Fix buffer overflow in date handling
> > PR 41144 (Davi Arnaut)
> 
> This appears to be a buffer "over-read", not a buffer 
> overflow, correct?

I agree with this.

> > 
> ==============================================================
> ================
> > --- httpd/httpd/trunk/modules/proxy/proxy_util.c (original)
> > +++ httpd/httpd/trunk/modules/proxy/proxy_util.c Tue Jul 31 

> > -        }
> > +    apr_status_t rv;
> > +    apr_time_exp_t tm;
> > +    apr_size_t retsize;
> > +    char* ndate;
> > +    static const char format[] = "%a, %d %b %Y %H:%M:%S GMT";
> > +    apr_time_t time = apr_date_parse_http(date);
> > +    if (!time) {
> > +        return date;
> >      }
> >  
> > -/* check date */
> > -    for (mon = 0; mon < 12; mon++) {
> > -        if (strcmp(month, apr_month_snames[mon]) == 0) {
> > -            break;
> > -        }
> > +    rv = apr_time_exp_gmt(&tm, time);
> > +
> > +    if (rv != APR_SUCCESS) {
> > +        return date;
> >      }
> > -    if (mon == 12) {
> > -        return x;
> > +
> > +    ndate = apr_palloc(p, APR_RFC822_DATE_LEN);
> > +    rv = apr_strftime(ndate, &retsize, 
> APR_RFC822_DATE_LEN, format, &tm);

Why not using apr_rfc822_date instead? This is makes this function even shorter
and from a first glance apr_rfc822_date is far more efficient then apr_strftime.

Regards

Rüdiger


Mime
View raw message