You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by jo...@apache.org on 2005/01/20 10:38:42 UTC

svn commit: r125747 - /httpd/httpd/branches/2.0.x/CHANGES /httpd/httpd/branches/2.0.x/STATUS /httpd/httpd/branches/2.0.x/modules/filters/mod_include.c

Author: jorton
Date: Thu Jan 20 01:38:40 2005
New Revision: 125747

URL: http://svn.apache.org/viewcvs?view=rev&rev=125747
Log:
* modules/filters/mod_include.c (ap_ssi_parse_string): Fix off-by-one
which would truncate variables of length N*64 by one byte.

PR: 32985
Reviewed by: jorton, trawick, stoddard

Modified:
   httpd/httpd/branches/2.0.x/CHANGES
   httpd/httpd/branches/2.0.x/STATUS
   httpd/httpd/branches/2.0.x/modules/filters/mod_include.c

Modified: httpd/httpd/branches/2.0.x/CHANGES
Url: http://svn.apache.org/viewcvs/httpd/httpd/branches/2.0.x/CHANGES?view=diff&rev=125747&p1=httpd/httpd/branches/2.0.x/CHANGES&r1=125746&p2=httpd/httpd/branches/2.0.x/CHANGES&r2=125747
==============================================================================
--- httpd/httpd/branches/2.0.x/CHANGES	(original)
+++ httpd/httpd/branches/2.0.x/CHANGES	Thu Jan 20 01:38:40 2005
@@ -1,5 +1,8 @@
 Changes with Apache 2.0.53
 
+  *) mod_include: Fix bug which could truncate variable expansions
+     of N*64 characters by one byte.  PR 32985.  [Joe Orton]
+
   *) Correct handling of certain bucket types in ap_save_brigade, fixing
      possible segfaults in mod_cgi with #include virtual.  PR 31247.
      [Joe Orton]

Modified: httpd/httpd/branches/2.0.x/STATUS
Url: http://svn.apache.org/viewcvs/httpd/httpd/branches/2.0.x/STATUS?view=diff&rev=125747&p1=httpd/httpd/branches/2.0.x/STATUS&r1=125746&p2=httpd/httpd/branches/2.0.x/STATUS&r2=125747
==============================================================================
--- httpd/httpd/branches/2.0.x/STATUS	(original)
+++ httpd/httpd/branches/2.0.x/STATUS	Thu Jan 20 01:38:40 2005
@@ -75,12 +75,6 @@
   [ please place file names and revisions from HEAD here, so it is easy to
     identify exactly what the proposed changes are! ]
 
-    *) mod_include: fix an off-by-one which truncates the last character
-       off an N*64 character variable expansion (in some cases).
-       http://issues.apache.org/bugzilla/attachment.cgi?id=14025
-       PR: 32985
-       +1: jorton, trawick, stoddard
-
     *) mod_ssl: fail quickly if SSL connection is aborted rather than
        making many doomed ap_pass_brigade calls
        http://svn.apache.org/viewcvs?view=rev&rev=125166

Modified: httpd/httpd/branches/2.0.x/modules/filters/mod_include.c
Url: http://svn.apache.org/viewcvs/httpd/httpd/branches/2.0.x/modules/filters/mod_include.c?view=diff&rev=125747&p1=httpd/httpd/branches/2.0.x/modules/filters/mod_include.c&r1=125746&p2=httpd/httpd/branches/2.0.x/modules/filters/mod_include.c&r2=125747
==============================================================================
--- httpd/httpd/branches/2.0.x/modules/filters/mod_include.c	(original)
+++ httpd/httpd/branches/2.0.x/modules/filters/mod_include.c	Thu Jan 20 01:38:40 2005
@@ -616,7 +616,7 @@
                     char *new_out;
                     do {
                         new_out_size *= 2;
-                    } while (new_out_size < current_length + l);
+                    } while (new_out_size < current_length + l + 1); /* +1 for NUL */
                     if (new_out_size > length) {
                         new_out_size = length;
                     }