You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by jo...@apache.org on 2005/01/20 10:38:42 UTC
svn commit: r125747 - /httpd/httpd/branches/2.0.x/CHANGES /httpd/httpd/branches/2.0.x/STATUS /httpd/httpd/branches/2.0.x/modules/filters/mod_include.c
Author: jorton
Date: Thu Jan 20 01:38:40 2005
New Revision: 125747
URL: http://svn.apache.org/viewcvs?view=rev&rev=125747
Log:
* modules/filters/mod_include.c (ap_ssi_parse_string): Fix off-by-one
which would truncate variables of length N*64 by one byte.
PR: 32985
Reviewed by: jorton, trawick, stoddard
Modified:
httpd/httpd/branches/2.0.x/CHANGES
httpd/httpd/branches/2.0.x/STATUS
httpd/httpd/branches/2.0.x/modules/filters/mod_include.c
Modified: httpd/httpd/branches/2.0.x/CHANGES
Url: http://svn.apache.org/viewcvs/httpd/httpd/branches/2.0.x/CHANGES?view=diff&rev=125747&p1=httpd/httpd/branches/2.0.x/CHANGES&r1=125746&p2=httpd/httpd/branches/2.0.x/CHANGES&r2=125747
==============================================================================
--- httpd/httpd/branches/2.0.x/CHANGES (original)
+++ httpd/httpd/branches/2.0.x/CHANGES Thu Jan 20 01:38:40 2005
@@ -1,5 +1,8 @@
Changes with Apache 2.0.53
+ *) mod_include: Fix bug which could truncate variable expansions
+ of N*64 characters by one byte. PR 32985. [Joe Orton]
+
*) Correct handling of certain bucket types in ap_save_brigade, fixing
possible segfaults in mod_cgi with #include virtual. PR 31247.
[Joe Orton]
Modified: httpd/httpd/branches/2.0.x/STATUS
Url: http://svn.apache.org/viewcvs/httpd/httpd/branches/2.0.x/STATUS?view=diff&rev=125747&p1=httpd/httpd/branches/2.0.x/STATUS&r1=125746&p2=httpd/httpd/branches/2.0.x/STATUS&r2=125747
==============================================================================
--- httpd/httpd/branches/2.0.x/STATUS (original)
+++ httpd/httpd/branches/2.0.x/STATUS Thu Jan 20 01:38:40 2005
@@ -75,12 +75,6 @@
[ please place file names and revisions from HEAD here, so it is easy to
identify exactly what the proposed changes are! ]
- *) mod_include: fix an off-by-one which truncates the last character
- off an N*64 character variable expansion (in some cases).
- http://issues.apache.org/bugzilla/attachment.cgi?id=14025
- PR: 32985
- +1: jorton, trawick, stoddard
-
*) mod_ssl: fail quickly if SSL connection is aborted rather than
making many doomed ap_pass_brigade calls
http://svn.apache.org/viewcvs?view=rev&rev=125166
Modified: httpd/httpd/branches/2.0.x/modules/filters/mod_include.c
Url: http://svn.apache.org/viewcvs/httpd/httpd/branches/2.0.x/modules/filters/mod_include.c?view=diff&rev=125747&p1=httpd/httpd/branches/2.0.x/modules/filters/mod_include.c&r1=125746&p2=httpd/httpd/branches/2.0.x/modules/filters/mod_include.c&r2=125747
==============================================================================
--- httpd/httpd/branches/2.0.x/modules/filters/mod_include.c (original)
+++ httpd/httpd/branches/2.0.x/modules/filters/mod_include.c Thu Jan 20 01:38:40 2005
@@ -616,7 +616,7 @@
char *new_out;
do {
new_out_size *= 2;
- } while (new_out_size < current_length + l);
+ } while (new_out_size < current_length + l + 1); /* +1 for NUL */
if (new_out_size > length) {
new_out_size = length;
}