You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by ji...@apache.org on 2010/08/21 18:16:19 UTC

svn commit: r987780 - in /httpd/httpd/branches/2.2.x: CHANGES STATUS support/rotatelogs.c

Author: jim
Date: Sat Aug 21 16:16:18 2010
New Revision: 987780

URL: http://svn.apache.org/viewvc?rev=987780&view=rev
Log:
   * rotatelogs: Fix possible buffer overflow if admin configures a
     mongo log file path.
     Trunk already has a fix.
     2.2.x patch: http://people.apache.org/~trawick/rotatelogs.overflow.txt
     +1: trawick, rpluem, lars, jim


Modified:
    httpd/httpd/branches/2.2.x/CHANGES
    httpd/httpd/branches/2.2.x/STATUS
    httpd/httpd/branches/2.2.x/support/rotatelogs.c

Modified: httpd/httpd/branches/2.2.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?rev=987780&r1=987779&r2=987780&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.2.x/CHANGES [utf-8] Sat Aug 21 16:16:18 2010
@@ -1,6 +1,9 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.2.17
 
+  *) rotatelogs: Fix possible buffer overflow if admin configures a
+     mongo log file path. [Jeff Trawick]
+
   *) mod_ssl: Do not do overlapping memcpy. PR 45444 [Joe Orton]
 
   *) vhost: A purely-numeric Host: header should not be treated as a port.

Modified: httpd/httpd/branches/2.2.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/STATUS?rev=987780&r1=987779&r2=987780&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/STATUS (original)
+++ httpd/httpd/branches/2.2.x/STATUS Sat Aug 21 16:16:18 2010
@@ -87,11 +87,6 @@ RELEASE SHOWSTOPPERS:
 PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
   [ start all new proposals below, under PATCHES PROPOSED. ]
 
-   * rotatelogs: Fix possible buffer overflow if admin configures a
-     mongo log file path.
-     Trunk already has a fix.
-     2.2.x patch: http://people.apache.org/~trawick/rotatelogs.overflow.txt
-     +1: trawick, rpluem, lars, jim
 
 PATCHES PROPOSED TO BACKPORT FROM TRUNK:
   [ New proposals should be added at the end of the list ]

Modified: httpd/httpd/branches/2.2.x/support/rotatelogs.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/support/rotatelogs.c?rev=987780&r1=987779&r2=987780&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/support/rotatelogs.c (original)
+++ httpd/httpd/branches/2.2.x/support/rotatelogs.c Sat Aug 21 16:16:18 2010
@@ -248,7 +248,7 @@ int main (int argc, const char * const a
                 apr_strftime(buf2, &rs, sizeof(buf2), szLogRoot, &e);
             }
             else {
-                sprintf(buf2, "%s.%010d", szLogRoot, tLogStart);
+                apr_snprintf(buf2, sizeof(buf2), "%s.%010d", szLogRoot, tLogStart);
             }
             tLogEnd = tLogStart + tRotation;
             pfile_prev = pfile;