You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2002/11/18 15:09:24 UTC
DO NOT REPLY [Bug 14631] -
Passing unsafe_source data buffer to strstr
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=14631>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=14631
Passing unsafe_source data buffer to strstr
trawick@apache.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |INVALID
------- Additional Comments From trawick@apache.org 2002-11-18 14:09 -------
It is definitely weird code, but the strstr() call does not need a
terminating '\0' because it is guaranteed to find the tag before
the end of the buffer due to the line right before the call to
strstr().
The strncpy() call right before strstr() puts a copy of the tag
after the data read from the file, so strstr() definitely has
something to find.
But thanks for looking anyway :) More eyes are always good.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org