You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by jl...@locus.apache.org on 2000/04/04 21:14:08 UTC
cvs commit: jakarta-tomcat/src/native/apache/jserv jserv_balance.c
jluc 00/04/04 12:14:08
Modified: src/native/apache/jserv jserv_balance.c
Log:
potential buffer overflow fix.
Revision Changes Path
1.5 +7 -3 jakarta-tomcat/src/native/apache/jserv/jserv_balance.c
Index: jserv_balance.c
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/native/apache/jserv/jserv_balance.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- jserv_balance.c 2000/03/30 09:26:57 1.4
+++ jserv_balance.c 2000/04/04 19:14:08 1.5
@@ -54,7 +54,7 @@
* Author: Bernard Bernstein <be...@corp.talkcity.com> *
* Updated: March 1999 Jean-Luc Rochat <jl...@jnix.com> *
* Description: solved part of fail-over problems & LB improvments *
- * Version: $Revision: 1.4 $ *
+ * Version: $Revision: 1.5 $
*****************************************************************************/
#include "jserv.h"
@@ -154,8 +154,12 @@
char sessionid[256];
/* first JServ 1.1 as it is the production one */
- strcpy(sessionid, SESSION_IDENTIFIER_JSERV);
- strcat(sessionid, zone);
+ strcpy(sessionid, SESSION_IDENTIFIER_JSERV, sizeof(sessionid)-1);
+ /* as our strings are defined here we know they are < 256 bytes */
+ /* we check the routing info length */
+ if (strlen(zone) < sizeof(sessionid)-strlen(sessionid))
+ strcat(sessionid, zone);
+
val = get_param(sessionid, r);
if (val == NULL) {