You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2002/06/11 17:54:45 UTC

DO NOT REPLY [Bug 9783] New: - Fxed bug in mod_rewrite.c [from 1.3.23 to 2.0.36]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=9783>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=9783

Fxed bug in mod_rewrite.c [from 1.3.23 to 2.0.36]

           Summary: Fxed bug in mod_rewrite.c [from 1.3.23 to 2.0.36]
           Product: Apache httpd-2.0
           Version: 2.0.36
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: Normal
          Priority: Other
         Component: mod_rewrite
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: skooks@tiscali.it


[See prev. ref PR number 10090 Pablo Delgado, and my one]

In mod_rewrite.c [from Apache 1.3.23 until 2.0.36], there is a bug that cause
RewriteMap MapType 'rnd' not working.

Here is the funcion:
--------------------

3044:static int rewrite_rand(int l, int h)
3045:{
3046:    rewrite_rand_init();
3047:
3048:    /* Get [0,1) and then scale to the appropriate range. Note that using
3049:     * a floating point value ensures that we use all bits of the rand()
3050:     * result. Doing an integer modulus would only use the lower-order bits
3051:     * which may not be as uniformly random.
3052:     */
3053:    return (int)((double)(rand() % 32000) / 32000) * (h - l + 1) + l;
3054:}




This is the correct one:
------------------------


3044:static int rewrite_rand(int l, int h)
3045:{
3046:    rewrite_rand_init();
3047:
3048:    /* Get [0,1) and then scale to the appropriate range. Note that using
3049:     * a floating point value ensures that we use all bits of the rand()
3050:     * result. Doing an integer modulus would only use the lower-order bits
3051:     * which may not be as uniformly random.
3052:     */
3053:    return (int)(((double)(rand() % 32000) / 32000) * (h - l + 1) + l);
3054:}


In line 3053, if the additionals brackets are missing, the function return
always the value of 'l', [= 1, the call is few lines after],
because ((double)(rand() % 32000) / 32000) is always = 0.


Paolo Ferrario

skooks@tiscali.it

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org