httpd-modules-dev mailing list archives

From Joe Lewis
Subject Re: Meaning of len returned by apr_bucket_read()...
Date Fri, 19 Jan 2007 15:08:52 GMT
Giuliano Gavazzi wrote:
> On 19 Jan 2007, at 11:24, Drew Bertola wrote:
>> That's the question. I didn't mention this, and from your response it
>> now seems important: When I compare strlen(str) to len, len is either
>> equal or less than the length of str.
>> So, does len truly represent the data read, or does str?
> ah, I thought you were finding strlen < len (because of nulls in *str)
> From reading the headers: len is the amount of data returned.
> Since str is not null terminated, as you showed, sooner or later if 
> you call strlen(str) you will hit an access violation.
> But don't quote me on anything I wrote, I am not an expert in apr!
Hey, g - actually, you hit the nail on the head here. The data in the 
bucket does NOT always terminate with a NULL. Additionally, the bucket 
might contain additional NULL characters as part of the data (e.g. if 
the bucket contains compressed HTML pages, or an .EXE file, or... you 
get the idea). So, you are an expert here.

The content-length header will not always be accurate, either, unless 
every module resets the parameter. Additionally, some modules do not set 
that. Plus, it almost never matches the bucket length - brigade length, 
perhaps, but not bucket length.

Whenever someone reads from a bucket, they should ALWAYS use the &len 
value. If they know it's a string, slap a NULL character on the end to 
prevent NULL-termination if using the standard strcmp or strlen 
functions, or expect a nice SEGV to occur.
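
The length-bounded handling discussed in this thread, as an added example that is not part of the original message or of APR itself. The helper names and the constructed sample arrays are assumptions; the arrays stand in for the (str, len) pair that apr_bucket_read() returns, so the block runs without the APR headers.

```c
#include <stdlib.h>
#include <string.h>

/* Constructed sample data standing in for bucket contents: neither array
 * has a trailing NUL, and the second has a NUL byte inside the payload. */
static const char sample_text[5]   = { 'h', 'e', 'l', 'l', 'o' };
static const char sample_binary[6] = { 'M', 'Z', '\0', 'a', 'b', 'c' };

/* Returns 1 if the first len bytes contain a NUL, meaning the data cannot
 * be treated as a C string without silently truncating it. */
int bucket_has_embedded_nul(const char *data, size_t len)
{
    return len > 0 && memchr(data, '\0', len) != NULL;
}

/* Copies exactly len bytes and appends the terminator the bucket lacks.
 * The caller frees the result. Returns NULL on overflow or failed malloc. */
char *bucket_to_cstring(const char *data, size_t len)
{
    char *out;

    if (len == (size_t)-1)      /* len + 1 would wrap around to 0 */
        return NULL;
    out = malloc(len + 1);
    if (out == NULL)
        return NULL;
    if (len > 0)
        memcpy(out, data, len);
    out[len] = '\0';            /* now safe for strlen()/strcmp() */
    return out;
}

/* Compares bucket data with a literal without ever reading past len,
 * so no terminator is needed on the bucket side. */
int bucket_equals(const char *data, size_t len, const char *literal)
{
    size_t n = strlen(literal);

    return n == len && (len == 0 || memcmp(data, literal, len) == 0);
}
```

Calling strlen() on the copy of sample_binary returns 2 even though 6 bytes were read, which is why binary payloads should be carried as a pointer plus len rather than converted to a string.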

