You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Brian Behlendorf <br...@organic.com> on 1996/04/22 23:06:02 UTC
host truncation bug seems to be in mod_cookies.c
Compiling without mod_cookies.c linked in appears to not cause hostnames
to get truncated. If the server is compiled with mod_cookies, then the
presence of no "Cookie" header causes the truncation. I'll be diving
deeper into this, unless Mark or someone more familiar with the cookies
code is interested.
Brian
--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--
brian@organic.com | We're hiring! http://www.organic.com/Home/Info/Jobs/
Re: host truncation bug seems to be in mod_cookies.c
Posted by Brian Behlendorf <br...@organic.com>.
D'oh! from mod_cookies.c:
void make_cookie(request_rec *r)
{
struct timeval tv;
char new_cookie[100]; /* blurgh */
char *dot;
const char *rname = get_remote_host(r->connection, r->per_dir_config,
REMOTE_NAME);
struct timezone tz = { 0 , 0 };
if ((dot = strchr(rname,'.'))) *dot='\0'; /* First bit of hostname */
gettimeofday(&tv, &tz);
sprintf(new_cookie,"%s%s%d%ld%d; path=/",
COOKIE_NAME, rname,
(int)getpid(),
(long)tv.tv_sec, (int)tv.tv_usec/1000 );
table_set(r->headers_out,"Set-Cookie",new_cookie);
return;
}
get_remote_host returns a pointer directly into the conn structure,
so the strchr truncates it. Eeek.
Should it be fixed by having the subroutine do a pstrdup,
or should get_remote_host return a copy of the string instead? I think
the former, something might depend on the behavior of the latter....
Brian
--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--
brian@organic.com | We're hiring! http://www.organic.com/Home/Info/Jobs/