Posted to cvs@httpd.apache.org by rp...@apache.org on 2006/04/14 14:18:02 UTC

svn commit: r394070 - in /httpd/httpd/trunk: CHANGES server/protocol.c

Author: rpluem
Date: Fri Apr 14 05:17:54 2006
New Revision: 394070

URL: http://svn.apache.org/viewcvs?rev=394070&view=rev
Log:
* Initialize last_char as otherwise a random value will be compared
  against APR_ASCII_LF at the end of the loop if bb only contains an
  EOS bucket.

PR: 39282
Submitted by: Davi Arnaut <davi haxent.com.br>
Reviewed by: rpluem

Modified:
    httpd/httpd/trunk/CHANGES
    httpd/httpd/trunk/server/protocol.c

Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewcvs/httpd/httpd/trunk/CHANGES?rev=394070&r1=394069&r2=394070&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Fri Apr 14 05:17:54 2006
@@ -2,6 +2,9 @@
 Changes with Apache 2.3.0
   [Remove entries to the current 2.0 and 2.2 section below, when backported]
 
+  *) core: Prevent reading uninitialized memory while reading a line of
+     protocol input.  PR 39282. [Davi Arnaut <davi haxent.com.br>]
+
   *) htdbm: Fix crash processing -d option in 64-bit mode on HP-UX.
      [Jeff Trawick]
 

Modified: httpd/httpd/trunk/server/protocol.c
URL: http://svn.apache.org/viewcvs/httpd/httpd/trunk/server/protocol.c?rev=394070&r1=394069&r2=394070&view=diff
==============================================================================
--- httpd/httpd/trunk/server/protocol.c (original)
+++ httpd/httpd/trunk/server/protocol.c Fri Apr 14 05:17:54 2006
@@ -217,6 +217,14 @@
     char *pos, *last_char = *s;
     int do_alloc = (*s == NULL), saw_eos = 0;
 
+    /*
+     * Initialize last_char as otherwise a random value will be compared
+     * against APR_ASCII_LF at the end of the loop if bb only contains an
+     * EOS bucket.
+     */
+    if (last_char)
+        *last_char = '\0';
+
     for (;;) {
         apr_brigade_cleanup(bb);
         rv = ap_get_brigade(r->input_filters, bb, AP_MODE_GETLINE,
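
Review bot: the new `if (last_char)` guard only covers the caller-supplied buffer; when `*s == NULL` (the `do_alloc` case) `last_char` stays NULL, yet the comment says it is still compared against APR_ASCII_LF after the loop when bb contains only an EOS bucket. That comparison is outside this hunk, so please confirm it cannot dereference a NULL `last_char` on the EOS-only path, or handle that path explicitly before the comparison is reached. The comment could also be more precise: the value is not random but whatever byte the caller's buffer held at `(*s)[0]`, and the store now overwrites that byte before any data is read, which is a caller-visible side effect worth stating.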