The following reply was made to PR apache-api/3355; it has been noted by GNATS.
From: Marc Slemko <[EMAIL PROTECTED]>
To: Brian Schaffner <[EMAIL PROTECTED]>
Cc: Apache bugs database <[EMAIL PROTECTED]>
Subject: RE: apache-api/3355: ap_vformatter barfs on %n in log message
Date: Fri, 6 Nov 1998 10:34:47 -0800 (PST)
On Fri, 6 Nov 1998, Brian Schaffner wrote:
> The actual code in the PHP source is (main.c, 224):
>
> aplog_error(NULL, 0, APLOG_ERR | APLOG_NOERRNO, php3_rqst->server,
> log_message);
>
> passing "%n" as log_message.
>
> In PHP code:
> <?
> error_log("%n");
> ?>
>
Why do you think this is a bug in Apache? %n is supposed to do:
n The argument should be a pointer to an
integer into which is written the number of
characters written to the output standard I/O
stream so far by this call to printf(),
fprintf(), or sprintf(). No argument is con-
verted.
If you call it without the proper number of arguments (ie. without a
pointer to an integer as the relevant parameter) then it really isn't
Apache's job to try to figure that out and, in fact, it can't always
figure that out.
