Posted to dev@httpd.apache.org by Tony Sanders <sa...@bsdi.com> on 1996/04/24 20:22:00 UTC

bug in directory indexing code (apache version 1.0.0-1.0.5)

I've been having some problems with apache 1.0.0-1.0.5
occasionally getting into a tight spin-loop eating up cpu.  I
finally traced it down to the directory indexing code trashing
the stack with a null byte.  Someone should check 1.1b* for
this bug as well.

A patch follows -- though whoever "owns" that code might want to
solve the problem in a different way as I was not totally clear on
why the code was doing things the way it was doing them so I opted
to just preserve the behavior.  I also reduced the number of times
that the constant "23" was used -- it should probably be a #define.

*** mod_dir.c.orig	Wed Apr 24 12:45:48 1996
--- mod_dir.c	Wed Apr 24 13:12:47 1996
***************
*** 617,625 ****
  		t2 = pstrcat(scratch, t2, "</A>", NULL);
              } else 
  	    {
! 		char buff[23]="                       ";
  		t2 = escape_html(scratch, t);
! 		buff[23-len] = '\0';
  		t2 = pstrcat(scratch, t2, "</A>", buff, NULL);
  	    }
  	    anchor = pstrcat (scratch, "<A HREF=\"",
--- 617,626 ----
  		t2 = pstrcat(scratch, t2, "</A>", NULL);
              } else 
  	    {
! 		char buff[23];
! 		strncpy(buff, "                       ", sizeof(buff));
  		t2 = escape_html(scratch, t);
! 		buff[sizeof(buff)-len] = '\0';
  		t2 = pstrcat(scratch, t2, "</A>", buff, NULL);
  	    }
  	    anchor = pstrcat (scratch, "<A HREF=\"",
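
Review bot: the terminator index in `buff[sizeof(buff)-len] = '\0';` is still unchecked, so this line can write outside `buff`. If `len` is 0 the store goes to `buff[23]`, one byte past the 23-byte array, and if `len` is greater than 23 the subtraction is done in `size_t` arithmetic and wraps to a huge index; nothing in the visible lines bounds `len`. Note also that `strncpy` with a 23-character source and a count of `sizeof(buff)` writes no terminating NUL, so the string handed to `pstrcat` is terminated only by this one store. Suggest making the array one byte larger than the pad width (24 bytes for a 23-column pad), indexing from the pad width rather than from `sizeof(buff)`, clamping `len` to 0..23 before the store, and replacing the literal 23 with a #define as the message proposes.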