Posted to cvs@httpd.apache.org by tr...@apache.org on 2013/08/05 22:24:39 UTC

svn commit: r1510707 - in /httpd/httpd/trunk: CHANGES support/ab.c

Author: trawick
Date: Mon Aug  5 20:24:39 2013
New Revision: 1510707

URL: http://svn.apache.org/r1510707
Log:
ab: Fix potential buffer overflows when processing the T and X
    command-line options.

PR: 55360
Submitted by: Mike Rumph <mike.rumph oracle.com>
Reviewed by: trawick

Modified:
    httpd/httpd/trunk/CHANGES
    httpd/httpd/trunk/support/ab.c

Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1510707&r1=1510706&r2=1510707&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Mon Aug  5 20:24:39 2013
@@ -1,6 +1,10 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.5.0
 
+  *) ab: Fix potential buffer overflows when processing the T and X
+     command-line options.  PR 55360.
+     [Mike Rumph <mike.rumph oracle.com>]
+
   *) mod_unique_id: Use output of the PRNG rather than IP address and
      pid, avoiding sleep() call and possible DNS issues at startup,
      plus improving randomness for IPv6-only hosts.

Modified: httpd/httpd/trunk/support/ab.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/support/ab.c?rev=1510707&r1=1510706&r2=1510707&view=diff
==============================================================================
--- httpd/httpd/trunk/support/ab.c (original)
+++ httpd/httpd/trunk/support/ab.c Mon Aug  5 20:24:39 2013
@@ -282,22 +282,20 @@ char servername[1024];  /* name that ser
 char *hostname;         /* host name from URL */
 const char *host_field;       /* value of "Host:" header field */
 const char *path;             /* path name */
-char postfile[1024];    /* name of file containing post data */
 char *postdata;         /* *buffer containing data from postfile */
 apr_size_t postlen = 0; /* length of data to be POSTed */
-char content_type[1024];/* content type to put in POST header */
+char *content_type = NULL;     /* content type to put in POST header */
 const char *cookie,           /* optional cookie line */
            *auth,             /* optional (basic/uuencoded) auhentication */
            *hdrs;             /* optional arbitrary headers */
 apr_port_t port;        /* port number */
-char proxyhost[1024];   /* proxy host name */
+char *proxyhost = NULL; /* proxy host name */
 int proxyport = 0;      /* proxy port */
 const char *connecthost;
 const char *myhost;
 apr_port_t connectport;
 const char *gnuplot;          /* GNUplot file */
 const char *csvperc;          /* CSV Percentile file */
-char url[1024];
 const char *fullurl;
 const char *colonhost;
 int isproxy = 0;
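Review bot: `content_type` and `proxyhost` are declared as writable `char *`, yet the main() hunk at -2073 assigns the string literal `""` to `proxyhost`, so any later write through that pointer would be undefined behaviour. Declaring them `const char *content_type = NULL;` and `const char *proxyhost = NULL;` would match the neighbouring `cookie`, `auth` and `hdrs` globals and let the compiler reject such a write. Code outside these hunks may still write into either variable; that is not visible here and should be checked before changing the type.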
@@ -1679,7 +1677,7 @@ static void test(void)
             keepalive ? "Connection: Keep-Alive\r\n" : "",
             cookie, auth,
             postlen,
-            (content_type[0]) ? content_type : "text/plain", hdrs);
+            (content_type != NULL) ? content_type : "text/plain", hdrs);
     }
     if (snprintf_res >= sizeof(_request)) {
         err("Request too long\n");
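Review bot: The new test `(content_type != NULL)` changes what an empty `-T ""` argument does. The old `content_type[0]` check fell back to `text/plain` for an empty string, whereas the pointer test now passes the empty string through into the request header. If the fallback is meant to be kept, use `(content_type != NULL && content_type[0]) ? content_type : "text/plain"`. The enclosing test() function starts and ends outside this hunk.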
@@ -2073,7 +2071,7 @@ int main(int argc, const char * const ar
     tdstring = "bgcolor=white";
     cookie = "";
     auth = "";
-    proxyhost[0] = '\0';
+    proxyhost = "";
     hdrs = "";
 
     apr_app_initialize(&argc, &argv, NULL);
@@ -2178,7 +2176,7 @@ int main(int argc, const char * const ar
                                              * something */
                 break;
             case 'T':
-                strcpy(content_type, opt_arg);
+                content_type = apr_pstrdup(cntxt, opt_arg);
                 break;
             case 'C':
                 cookie = apr_pstrcat(cntxt, "Cookie: ", opt_arg, "\r\n", NULL);
@@ -2249,7 +2247,7 @@ int main(int argc, const char * const ar
                         p++;
                         proxyport = atoi(p);
                     }
-                    strcpy(proxyhost, opt_arg);
+                    proxyhost = apr_pstrdup(cntxt, opt_arg);
                     isproxy = 1;
                 }
                 break;
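Review bot: The port just above the changed line is still parsed with `proxyport = atoi(p);`, which returns 0 for non-numeric text and cannot report out-of-range input, so a malformed `-X host:port` is accepted silently. Since this commit hardens the same option, an end-pointer and range check would fit here, for example (with a `char *end;` declared) `long v = strtol(p, &end, 10); if (end == p || *end || v < 1 || v > 65535) err("Invalid proxy port\n");` followed by `proxyport = (int)v;`. The case block begins outside the hunk, so how `p` is derived from `opt_arg` is not visible here.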