On Sun, Dec 30, 2001 at 02:58:16PM +0200, Graham Leggett wrote:
> Adam Sussman wrote:
>
> > Mod_proxy truncates the status line returned by the proxied
> > server. One character gets snipped off of the end of the
> > status line.
>
> Are you 100% sure the buffer is big enough to do this? If the buffer is
> of size "len" the zero will be written past the end of the buffer.
>
In the current code, "len" is strlen(buffer) so it can be safely assumed
to be one less than the length of the buffer (provided of course that
ap_proxy_string_read can be trusted).
In any case, the specific setting of a null character in a way that truncates
valid data is not appropriate here. Buffer and len must be sized appropriatly.
I believe that they are correct.
-adam
> > Index: modules/proxy/proxy_http.c
> > ===================================================================
> > RCS file: /home/cvspublic/httpd-2.0/modules/proxy/proxy_http.c,v
> > retrieving revision 1.114
> > diff -u -r1.114 proxy_http.c
> > --- proxy_http.c 19 Dec 2001 16:32:01 -0000 1.114
> > +++ proxy_http.c 29 Dec 2001 00:12:21 -0000
> > @@ -689,7 +689,7 @@
> > "server: ", buffer, NULL));
> > }
> > backasswards = 0;
> > - buffer[--len] = '\0';
> > + buffer[len] = '\0';
> >
> > buffer[12] = '\0';
> > r->status = atoi(&buffer[9]);
>
> Regards,
> Graham
> --
> -----------------------------------------
> [EMAIL PROTECTED] "There's a moon
> over Bourbon Street
> tonight..."
--
"I believe in Kadath in the cold waste, and Ultima Thule. But you
cannot prove to me that Harvard Law School actually exists."
- Theodora Goss
"I'm not like that, I have a cat, I don't need you.. My cat, and
about 18 lines of bourne shell code replace you in life."
- anonymous
Adam Sussman
Vidya Media Ventures
[EMAIL PROTECTED]
