Return-Path: Delivered-To: apmail-httpd-modules-dev-archive@locus.apache.org Received: (qmail 49798 invoked from network); 19 Oct 2007 13:29:09 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 19 Oct 2007 13:29:09 -0000 Received: (qmail 77024 invoked by uid 500); 19 Oct 2007 13:28:56 -0000 Delivered-To: apmail-httpd-modules-dev-archive@httpd.apache.org Received: (qmail 76989 invoked by uid 500); 19 Oct 2007 13:28:56 -0000 Mailing-List: contact modules-dev-help@httpd.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: modules-dev@httpd.apache.org Delivered-To: mailing list modules-dev@httpd.apache.org Received: (qmail 76980 invoked by uid 99); 19 Oct 2007 13:28:56 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 19 Oct 2007 06:28:56 -0700 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of alexander.farber@gmail.com designates 64.233.182.185 as permitted sender) Received: from [64.233.182.185] (HELO nf-out-0910.google.com) (64.233.182.185) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 19 Oct 2007 13:28:25 +0000 Received: by nf-out-0910.google.com with SMTP id c10so389031nfd for ; Fri, 19 Oct 2007 06:28:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=fV9YlEt18XeMBf30s15NK7/LTg2qiIx5/1UicjQec4Q=; b=t/1vrHdZ14BypN8mwCNKU2VCubYBwsrab8BSTGolOhUu9CoLNENvaQ6/ZHfzOg4Na9ltkxIrSZKxcbKuF6ktjn1YDZkGXBghlsjvbejkZZPR49LL9o6k1v5LqBBOEfaGJSE4GezOlhzO2lGHvYjyUIFfxn3gSQ4DyPxJNZgkRcs= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=lPKRed0yx4BLHlLw3bk38Rm/6PcqxFFFyaN+l8nl8WLbbFSW1/xKg+mqJLZWw+oF+t/lEDJ/Q4LZ+7/gngnYjrWxFx689q8y1SwYzovxLO2DweQwcL2HNssRYYJvd7dwC3xDtvCXuyaVjmXchMRkafdb6Qz/LCHDcEarh2KqrZA= Received: by 10.78.159.7 with SMTP id h7mr1243887hue.1192800483881; Fri, 19 Oct 2007 06:28:03 -0700 (PDT) Received: by 10.78.173.3 with HTTP; Fri, 19 Oct 2007 06:28:03 -0700 (PDT) Message-ID: <943abd910710190628m4b14946eu696bbff51f87178e@mail.gmail.com> Date: Fri, 19 Oct 2007 15:28:03 +0200 From: "Alexander Farber" To: modules-dev@httpd.apache.org Subject: Re: Ap1: Reading POST-requests buggy? (not 0-terminated) Cc: dougm@pobox.com In-Reply-To: <4718ADC4.4020202@joe-lewis.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <943abd910710190149s38b2aaaemc623367b2fdf0ea3@mail.gmail.com> <4718ADC4.4020202@joe-lewis.com> X-Virus-Checked: Checked by ClamAV on apache.org Hello, I think it is a bug in the libapreq-1.33: util_read() doesn't 0-terminate the received POST data, but after that calls ap_getword() on it repeatedly. Regards Alex -- http://preferans.de