Posted to dev@httpd.apache.org by David Shane Holden <dp...@apache.org> on 2008/07/19 12:23:32 UTC

[PATCH] mod_session.c

I was experimenting with mod_session a bit and ran into a segfault when 
a CGI script sets a cookie with a null value (e.g. "key=").  Basically 
mod_session tries to do a sanity check on the null value by passing it 
to ap_unescape_all which is causing the segfault.  But, if you look at 
the code there's no need for it, the key was removed from the table 
because of the null value and the sanity check is in preparation to add 
it back to the table.  The attached patch fixes mod_session, but perhaps 
unescape_url (which ap_unescape_all calls) should verify that the value 
passed to it isn't null.  I'm not quite sure what it should return 
though which is why I didn't bother touching it.
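
The failure mode described in the message above, as an added example (not mod_session's code and not the attached patch): a key that arrives with no value is dropped, and the unescape step runs only when a value exists. The names `unescape_in_place` and `decode_pairs` are hypothetical, and returning -1 for a NULL argument is an assumed choice, since the message leaves that question open.

```c
#include <ctype.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for a URL unescaper: decodes %XX in place.
 * Returns 0 on success, -1 on NULL input or a malformed escape. */
static int unescape_in_place(char *s)
{
    char *out = s;
    if (s == NULL) return -1;   /* assumed choice: error instead of a crash */
    for (; *s; s++) {
        if (*s != '%') { *out++ = *s; continue; }
        if (!isxdigit((unsigned char)s[1]) || !isxdigit((unsigned char)s[2]))
            return -1;
        char hex[3] = { s[1], s[2], '\0' };
        *out++ = (char)strtol(hex, NULL, 16);
        s += 2;
    }
    *out = '\0';
    return 0;
}

/* Decodes "k=v&k2=v2" in place; returns pairs accepted, *dropped counts "key=". */
static int decode_pairs(char *encoded, int *dropped)
{
    int kept = 0;
    *dropped = 0;
    for (char *pair = encoded, *next; pair; pair = next) {
        char *amp = strchr(pair, '&');
        next = amp ? amp + 1 : NULL;
        if (amp) *amp = '\0';
        char *eq = strchr(pair, '=');
        char *val = NULL;            /* stays NULL for "key=" or "key" */
        if (eq) { *eq = '\0'; if (eq[1]) val = eq + 1; }
        if (!*pair) continue;        /* empty key: ignore */
        if (!val)
            (*dropped)++;            /* entry is removed; nothing to unescape */
        else if (unescape_in_place(pair) == 0 && unescape_in_place(val) == 0)
            kept++;                  /* a real module would store the pair here */
    }
    return kept;
}

int main(void)
{
    char cookie[] = "user=al%69ce&theme=&lang=en";  /* constructed sample */
    int dropped, kept = decode_pairs(cookie, &dropped);
    return (kept == 2 && dropped == 1) ? 0 : 1;
}
```

Replacing the `else if` with a plain `if` sends the NULL value into the unescaper, which is the call pattern the message reports as the crash.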

Re: [PATCH] mod_session.c

Posted by Ruediger Pluem <rp...@apache.org>.
On 07/19/2008 12:23 PM, David Shane Holden wrote:
> I was experimenting with mod_session a bit and ran into a segfault when 
> a CGI script sets a cookie with a null value (e.g. "key=").  Basically 
> mod_session tries to do a sanity check on the null value by passing it 
> to ap_unescape_all which is causing the segfault.  But, if you look at 
> the code there's no need for it, the key was removed from the table 
> because of the null value and the sanity check is in preparation to add 
> it back to the table.  The attached patch fixes mod_session, but perhaps 
> unescape_url (which ap_unescape_all calls) should verify that the value 
> passed to it isn't null.  I'm not quite sure what it should return 
> though which is why I didn't bother touching it.

Thanks for the patch. Fixed in r678160.

Regards

Rüdiger