You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by dg...@hyperreal.org on 1998/08/09 19:39:38 UTC
cvs commit: apache-1.3/src/modules/proxy proxy_http.c proxy_util.c
dgaudet 98/08/09 10:39:36
Modified: src/modules/proxy proxy_http.c proxy_util.c
Log:
more comments
Revision Changes Path
1.56 +2 -0 apache-1.3/src/modules/proxy/proxy_http.c
Index: proxy_http.c
===================================================================
RCS file: /export/home/cvs/apache-1.3/src/modules/proxy/proxy_http.c,v
retrieving revision 1.55
retrieving revision 1.56
diff -u -r1.55 -r1.56
--- proxy_http.c 1998/08/09 17:36:27 1.55
+++ proxy_http.c 1998/08/09 17:39:25 1.56
@@ -427,6 +427,8 @@
ap_rvputs(r, hdr[i].field, ": ", hdr[i].value, CRLF, NULL);
/* XXX: can't this be ap_table_setn? -djg */
ap_table_set(r->headers_out, hdr[i].field, hdr[i].value);
+ /* XXX: regardless, there's an O(n^2) attack here, which
+ * could be fixed with ap_overlap_tables */
}
if (cache != NULL)
if (ap_bvputs(cache, hdr[i].field, ": ", hdr[i].value, CRLF,
1.68 +1 -0 apache-1.3/src/modules/proxy/proxy_util.c
Index: proxy_util.c
===================================================================
RCS file: /export/home/cvs/apache-1.3/src/modules/proxy/proxy_util.c,v
retrieving revision 1.67
retrieving revision 1.68
diff -u -r1.67 -r1.68
--- proxy_util.c 1998/08/09 17:36:28 1.67
+++ proxy_util.c 1998/08/09 17:39:25 1.68
@@ -643,6 +643,7 @@
ap_bvputs(fp, hdrs[i].field, ": ", hdrs[i].value, CRLF, NULL);
/* XXX: can't this be ap_table_setn? -djg */
ap_table_set(r->headers_out, hdrs[i].field, hdrs[i].value);
+ /* XXX: another O(n^2) attack, fixed by ap_overlap_tables */
}
ap_bputs(CRLF, fp);