You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by co...@apache.org on 2006/04/19 12:15:38 UTC

svn commit: r395197 - in /httpd/httpd/branches/2.0.x: CHANGES STATUS server/protocol.c

Author: colm
Date: Wed Apr 19 03:15:33 2006
New Revision: 395197

URL: http://svn.apache.org/viewcvs?rev=395197&view=rev
Log:
Merge 394070 from trunk;

* Initialize last_char as otherwise a random value will be compared
  against APR_ASCII_LF at the end of the loop if bb only contains an
  EOS bucket.

PR: 39282
Submitted by: Davi Arnaut <davi haxent.com.br>
Reviewed by: rpluem

Modified:
    httpd/httpd/branches/2.0.x/CHANGES
    httpd/httpd/branches/2.0.x/STATUS
    httpd/httpd/branches/2.0.x/server/protocol.c

Modified: httpd/httpd/branches/2.0.x/CHANGES
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/2.0.x/CHANGES?rev=395197&r1=395196&r2=395197&view=diff
==============================================================================
--- httpd/httpd/branches/2.0.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.0.x/CHANGES [utf-8] Wed Apr 19 03:15:33 2006
@@ -1,6 +1,9 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.0.57
 
+  *) core: Prevent read of unitialized memory in ap_rgetline_core. PR 39282.
+     [Davi Arnaut <davi haxent.com.br>]
+
   *) mod_proxy: Report the proxy server name correctly in the "Via:" header,
      when UseCanonicalName is Off. PR 11971. [Martin Kraemer]
 

Modified: httpd/httpd/branches/2.0.x/STATUS
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/2.0.x/STATUS?rev=395197&r1=395196&r2=395197&view=diff
==============================================================================
--- httpd/httpd/branches/2.0.x/STATUS (original)
+++ httpd/httpd/branches/2.0.x/STATUS Wed Apr 19 03:15:33 2006
@@ -121,16 +121,6 @@
          http://marc.theaimsgroup.com/?l=apache-httpd-dev&m=113813652015559
        +1: colm, trawick, jim
 
-    *) core: Prevent read of unitialized memory in ap_rgetline_core. PR 39282.
-        Trunk version of patch:
-          http://svn.apache.org/viewcvs?rev=394070&view=rev
-        2.0.x version of patch:
-          http://issues.apache.org/bugzilla/attachment.cgi?id=18112
-      +1: rpluem, colm
-      niq: change comment "if bb only contains an EOS bucket"
-           to "if bb contains only zero-length buckets"
-           and you have my +1
-
 PATCHES PROPOSED TO BACKPORT FROM TRUNK:
   [ please place SVN revisions from trunk here, so it is easy to
     identify exactly what the proposed changes are!  Add all new

Modified: httpd/httpd/branches/2.0.x/server/protocol.c
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/2.0.x/server/protocol.c?rev=395197&r1=395196&r2=395197&view=diff
==============================================================================
--- httpd/httpd/branches/2.0.x/server/protocol.c (original)
+++ httpd/httpd/branches/2.0.x/server/protocol.c Wed Apr 19 03:15:33 2006
@@ -217,6 +217,14 @@
     char *pos, *last_char = *s;
     int do_alloc = (*s == NULL), saw_eos = 0;
 
+    /*
+     * Initialize last_char as otherwise a random value will be compared
+     * against APR_ASCII_LF at the end of the loop if bb only contains 
+     * zero-length buckets.
+     */
+    if (last_char)
+        *last_char = '\0';
+
     for (;;) {
     apr_brigade_cleanup(bb);
     rv = ap_get_brigade(r->input_filters, bb, AP_MODE_GETLINE,