You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by st...@apache.org on 2002/08/21 15:33:08 UTC
cvs commit: apache-1.3/src/main http_core.c
stoddard 2002/08/21 06:33:08
Modified: src/main http_core.c
Log:
Win32: Fix one byte overflow in ap_get_win32_interpreter when the CGI script
has no '\r' or '\n' in the first 1023 bytes.
Reported by: Aaron Campbell
Revision Changes Path
1.315 +1 -1 apache-1.3/src/main/http_core.c
Index: http_core.c
===================================================================
RCS file: /home/cvs/apache-1.3/src/main/http_core.c,v
retrieving revision 1.314
retrieving revision 1.315
diff -u -r1.314 -r1.315
--- http_core.c 8 Jul 2002 18:06:55 -0000 1.314
+++ http_core.c 21 Aug 2002 13:33:07 -0000 1.315
@@ -1041,7 +1041,7 @@
if ((buffer[0] == '#') && (buffer[1] == '!')) {
/* Assuming file is a script since it starts with a shebang */
fileType = eFileTypeSCRIPT;
- for (i = 2; i < sizeof(buffer); i++) {
+ for (i = 2; i < (sizeof(buffer) - 1); i++) {
if ((buffer[i] == '\r')
|| (buffer[i] == '\n')) {
break;