You are viewing a plain text version of this content. The canonical link for it is here.
Posted to mod_tcl-dev@tcl.apache.org by Helmut Hissen <he...@zeebar.com> on 2005/11/29 23:57:06 UTC
set_var bug?
I just figured out why our httpds were dumping core sometimes during
customer signup ... it appears that set_var() in tcl_core.c expects some
variable length arg list to do a vasprintf() on, but the rest of the
code (called when setting up the Tcl env table (incl QUERY_STRING) as
well as for post variables) only uses it ever with a single argument.
Problem is that if that since argument (the value to be stored) contains
certain valid %formats (such as %n), the code runs off the stack
looking for corresponding arguments (which never get passed in). In our
case, people were sending in their email address in a QUERY_STRING from
a web form and anybody unlucky to have an email address on a domain
starting with a valid printf %format character was crashing out httpd,
the symptom being that people appeared to get the same form back (wich
they didnt, because httpd just barfed).
eg: "firstName=helmut&email=helmut%40nowhere.com&email2%40nowhere.com"
I just took out the references to the va/vsprint from set_var() (making
it a fixed length arg list function) and our servers are much happier now.
regards
Helmut Hissen
helmut@zeebar.com
ps: kudos to Leupold-LoewenthalM@spardat.at for his brilliant
workaround to the encoding problem
---------------------------------------------------------------------
To unsubscribe, e-mail: mod_tcl-dev-unsubscribe@tcl.apache.org
For additional commands, e-mail: mod_tcl-dev-help@tcl.apache.org