You are viewing a plain text version of this content. The canonical link for it is here.

Posted to bugs@httpd.apache.org by bu...@apache.org on 2014/08/15 02:54:55 UTC

[Bug 56858] New: non-terminated buffer passed to ap_log_rerror

https://issues.apache.org/bugzilla/show_bug.cgi?id=56858

            Bug ID: 56858
           Summary: non-terminated buffer passed to ap_log_rerror
           Product: Apache httpd-2
           Version: 2.5-HEAD
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: mod_proxy_fcgi
          Assignee: bugs@httpd.apache.org
          Reporter: manuel-asf@mausz.at

Created attachment 31919
  --> https://issues.apache.org/bugzilla/attachment.cgi?id=31919&action=edit
stderr-terminate-buffer.patch

iobuf isn't terminated before passed to ap_log_rerror

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 56858] non-terminated buffer passed to ap_log_rerror

Posted by bu...@apache.org.

https://issues.apache.org/bugzilla/show_bug.cgi?id=56858

Eric Covener <co...@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |FixedInTrunk

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 56858] non-terminated buffer passed to ap_log_rerror

Posted by bu...@apache.org.

https://issues.apache.org/bugzilla/show_bug.cgi?id=56858

--- Comment #6 from Jeff Trawick <tr...@apache.org> ---
The fix is now in httpd trunk with r1618401, and is proposed for backport to
the 2.4.x branch.

Thanks!

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 56858] non-terminated buffer passed to ap_log_rerror

Posted by bu...@apache.org.

https://issues.apache.org/bugzilla/show_bug.cgi?id=56858

--- Comment #7 from Christophe JAILLET <ch...@wanadoo.fr> ---
BTW,

in the comment pointed out by Manuel, in the string "My reading is is precision
is specified and", shouldn't "is is" be "is if" ?

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 56858] non-terminated buffer passed to ap_log_rerror

Posted by bu...@apache.org.

https://issues.apache.org/bugzilla/show_bug.cgi?id=56858

Manuel Mausz <ma...@mausz.at> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |PatchAvailable

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 56858] non-terminated buffer passed to ap_log_rerror

Posted by bu...@apache.org.

https://issues.apache.org/bugzilla/show_bug.cgi?id=56858

Jeff Trawick <tr...@apache.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED

--- Comment #8 from Jeff Trawick <tr...@apache.org> ---
This is in the 2.4.x branch and will be in the next release.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 56858] non-terminated buffer passed to ap_log_rerror

Posted by bu...@apache.org.

https://issues.apache.org/bugzilla/show_bug.cgi?id=56858

--- Comment #2 from Manuel Mausz <ma...@mausz.at> ---
The simpler one was initial patch, but mine is a bit faster :)

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 56858] non-terminated buffer passed to ap_log_rerror

Posted by bu...@apache.org.

https://issues.apache.org/bugzilla/show_bug.cgi?id=56858

--- Comment #4 from Manuel Mausz <ma...@mausz.at> ---
(In reply to Jeff Trawick from comment #3)
> >The simpler one was initial patch, but mine is a bit faster :)
> That seems odd, since it throws away the knowledge of how long the string is.
> 
> With .*, the string length doesn't have to be calculated.
That's because ap_log_rerror has to walk down the array until either the first
0-byte or the supplied length in order to determine the "real" length of the
array. See https://github.com/apache/apr/blob/trunk/strings/apr_snprintf.c#L975

However I'm totally fine with your patch as well. Just wanted to point this
out.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 56858] non-terminated buffer passed to ap_log_rerror

Posted by bu...@apache.org.

https://issues.apache.org/bugzilla/show_bug.cgi?id=56858

Jeff Trawick <tr...@apache.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 56858] non-terminated buffer passed to ap_log_rerror

Posted by bu...@apache.org.

https://issues.apache.org/bugzilla/show_bug.cgi?id=56858

--- Comment #3 from Jeff Trawick <tr...@apache.org> ---
>The simpler one was initial patch, but mine is a bit faster :)
That seems odd, since it throws away the knowledge of how long the string is.

With .*, the string length doesn't have to be calculated.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 56858] non-terminated buffer passed to ap_log_rerror

Posted by bu...@apache.org.

https://issues.apache.org/bugzilla/show_bug.cgi?id=56858

--- Comment #1 from Jeff Trawick <tr...@apache.org> ---
This for the report.  Here is a simpler fix:

Index: modules/proxy/mod_proxy_fcgi.c
===================================================================
--- modules/proxy/mod_proxy_fcgi.c    (revision 1617253)
+++ modules/proxy/mod_proxy_fcgi.c    (working copy)
@@ -665,7 +665,7 @@
                 /* TODO: Should probably clean up this logging a bit... */
                 if (clen) {
                     ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01071)
-                                  "Got error '%s'", iobuf);
+                                  "Got error '%.*s'", (int)readbuflen, iobuf);
                 }

                 if (clen > readbuflen) {

I'll commit that when I get a chance to test...

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 56858] non-terminated buffer passed to ap_log_rerror

Posted by bu...@apache.org.

https://issues.apache.org/bugzilla/show_bug.cgi?id=56858

--- Comment #5 from Jeff Trawick <tr...@apache.org> ---
Thanks for explaining (blush).  We'll go with your original, unposted patch
which was the same as mine.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org