You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@apr.apache.org by Ben Laurie <be...@algroup.co.uk> on 2001/02/11 17:32:19 UTC

Re: cvs commit: apr/strings apr_strings.c

Hmmm. Actually, this could improve its efficiency by only allocating
len+1 bytes if len < n. Should we do that?

Cheers,

Ben.

ben@apache.org wrote:
> 
> ben         01/02/11 08:25:08
> 
>   Modified:    strings  apr_strings.c
>   Log:
>   ap_pstrndup could have caused out-of-bounds memory accesses (this is a
>   theoretical problem that I happened to notice). Only lightly tested.
> 
>   Revision  Changes    Path
>   1.9       +7 -2      apr/strings/apr_strings.c
> 
>   Index: apr_strings.c
>   ===================================================================
>   RCS file: /home/cvs/apr/strings/apr_strings.c,v
>   retrieving revision 1.8
>   retrieving revision 1.9
>   diff -u -r1.8 -r1.9
>   --- apr_strings.c     2001/02/11 16:18:09     1.8
>   +++ apr_strings.c     2001/02/11 16:25:07     1.9
>   @@ -83,13 +83,18 @@
>    APR_DECLARE(char *) apr_pstrndup(apr_pool_t *a, const char *s, apr_size_t n)
>    {
>        char *res;
>   +    size_t len;
> 
>        if (s == NULL) {
>            return NULL;
>        }
>        res = apr_palloc(a, n + 1);
>   -    memcpy(res, s, n);
>   -    res[n] = '\0';
>   +    len = strlen(s);
>   +    if(len > n) {
>   +     memcpy(res, s, n);
>   +     res[n] = '\0';
>   +    } else
>   +     memcpy(res, s, len+1);
>        return res;
>    }
> 
> 
> 
> 

--
http://www.apache-ssl.org/ben.html

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

Re: cvs commit: apr/strings apr_strings.c

Posted by Greg Stein <gs...@lyra.org>.

Yup. Done and checked in.

[ I'm checking usage right now to ensure people don't depend on that... ]

Cheers,
-g

On Sun, Feb 11, 2001 at 04:32:19PM +0000, Ben Laurie wrote:
> Hmmm. Actually, this could improve its efficiency by only allocating
> len+1 bytes if len < n. Should we do that?
> 
> Cheers,
> 
> Ben.
> 
> ben@apache.org wrote:
> > 
> > ben         01/02/11 08:25:08
> > 
> >   Modified:    strings  apr_strings.c
> >   Log:
> >   ap_pstrndup could have caused out-of-bounds memory accesses (this is a
> >   theoretical problem that I happened to notice). Only lightly tested.
> > 
> >   Revision  Changes    Path
> >   1.9       +7 -2      apr/strings/apr_strings.c
> > 
> >   Index: apr_strings.c
> >   ===================================================================
> >   RCS file: /home/cvs/apr/strings/apr_strings.c,v
> >   retrieving revision 1.8
> >   retrieving revision 1.9
> >   diff -u -r1.8 -r1.9
> >   --- apr_strings.c     2001/02/11 16:18:09     1.8
> >   +++ apr_strings.c     2001/02/11 16:25:07     1.9
> >   @@ -83,13 +83,18 @@
> >    APR_DECLARE(char *) apr_pstrndup(apr_pool_t *a, const char *s, apr_size_t n)
> >    {
> >        char *res;
> >   +    size_t len;
> > 
> >        if (s == NULL) {
> >            return NULL;
> >        }
> >        res = apr_palloc(a, n + 1);
> >   -    memcpy(res, s, n);
> >   -    res[n] = '\0';
> >   +    len = strlen(s);
> >   +    if(len > n) {
> >   +     memcpy(res, s, n);
> >   +     res[n] = '\0';
> >   +    } else
> >   +     memcpy(res, s, len+1);
> >        return res;
> >    }
> > 
> > 
> > 
> > 
> 
> --
> http://www.apache-ssl.org/ben.html
> 
> "There is no limit to what a man can do or how far he can go if he
> doesn't mind who gets the credit." - Robert Woodruff

-- 
Greg Stein, http://www.lyra.org/