You are viewing a plain text version of this content. The canonical link for it is here.

Posted to cvs@httpd.apache.org by st...@apache.org on 2002/08/21 15:33:08 UTC

cvs commit: apache-1.3/src/main http_core.c

stoddard    2002/08/21 06:33:08

  Modified:    src/main http_core.c
  Log:
  Win32: Fix one byte overflow in ap_get_win32_interpreter when the CGI script
  has no '\r' or '\n' in the first 1023 bytes.
  
  Reported by: Aaron Campbell
  
  Revision  Changes    Path
  1.315     +1 -1      apache-1.3/src/main/http_core.c
  
  Index: http_core.c
  ===================================================================
  RCS file: /home/cvs/apache-1.3/src/main/http_core.c,v
  retrieving revision 1.314
  retrieving revision 1.315
  diff -u -r1.314 -r1.315
  --- http_core.c	8 Jul 2002 18:06:55 -0000	1.314
  +++ http_core.c	21 Aug 2002 13:33:07 -0000	1.315
  @@ -1041,7 +1041,7 @@
       if ((buffer[0] == '#') && (buffer[1] == '!')) {
           /* Assuming file is a script since it starts with a shebang */
           fileType = eFileTypeSCRIPT;
  -        for (i = 2; i < sizeof(buffer); i++) {
  +        for (i = 2; i < (sizeof(buffer) - 1); i++) {
               if ((buffer[i] == '\r')
                   || (buffer[i] == '\n')) {
                   break;