You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by Christophe JAILLET <ch...@wanadoo.fr> on 2013/12/16 22:58:34 UTC

mod_proxy_ftp: Question about the use of an un-initialized buffer

Hi,

in mod_proxy_ftp, in function 'proxy_ftp_handler', there is 8ko of stack 
reserved for the variable:
     char buffer[MAX_STRING_LEN]

However, this buffer is never filled within the function and its only 
use is at line 1675:
    if (rc != 200) {
       return ftp_proxyerror(r, backend, HTTP_BAD_GATEWAY, buffer);
    }


So either it should be initialized to something relevant or it could be 
dropped to save stack.
Above message could at least be turned to:
       return ftp_proxyerror(r, backend, HTTP_BAD_GATEWAY, "error");
which is far from good but not worse...


Best regards,
CJ

Re: mod_proxy_ftp: Question about the use of an un-initialized buffer

Posted by Christophe JAILLET <ch...@wanadoo.fr>.

Le 16/12/2013 22:58, Christophe JAILLET a écrit :
> Hi,
>
> in mod_proxy_ftp, in function 'proxy_ftp_handler', there is 8ko of 
> stack reserved for the variable:
>     char buffer[MAX_STRING_LEN]
>
> However, this buffer is never filled within the function and its only 
> use is at line 1675:
>    if (rc != 200) {
>       return ftp_proxyerror(r, backend, HTTP_BAD_GATEWAY, buffer);
>    }
>
>
> So either it should be initialized to something relevant or it could 
> be dropped to save stack.
> Above message could at least be turned to:
>       return ftp_proxyerror(r, backend, HTTP_BAD_GATEWAY, "error");
> which is far from good but not worse...
>
>
> Best regards,
> CJ
>
>

committed in trunk (r1551714) with a more clever proposal.
Use ftpmessage returned by previous proxy_ftp_command call.

CJ