httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christophe JAILLET <>
Subject mod_proxy_ftp: Question about the use of an un-initialized buffer
Date Mon, 16 Dec 2013 21:58:34 GMT

in mod_proxy_ftp, in function 'proxy_ftp_handler', there is 8ko of stack 
reserved for the variable:
     char buffer[MAX_STRING_LEN]

However, this buffer is never filled within the function and its only 
use is at line 1675:
    if (rc != 200) {
       return ftp_proxyerror(r, backend, HTTP_BAD_GATEWAY, buffer);

So either it should be initialized to something relevant or it could be 
dropped to save stack.
Above message could at least be turned to:
       return ftp_proxyerror(r, backend, HTTP_BAD_GATEWAY, "error");
which is far from good but not worse...

Best regards,

View raw message