ben 96/12/28 10:16:11
Modified: src CHANGES util_script.c Log: Make create_argv() safe from overflows. Revision Changes Path 1.106 +2 -1 apache/src/CHANGES Index: CHANGES =================================================================== RCS file: /export/home/cvs/apache/src/CHANGES,v retrieving revision 1.105 retrieving revision 1.106 diff -C3 -r1.105 -r1.106 *** CHANGES 1996/12/28 00:13:19 1.105 --- CHANGES 1996/12/28 18:16:09 1.106 *************** *** 72,78 **** using the -make flag. [Rob Hartill] *) Fix coredump triggered when sending a SIGHUP to the server caused ! by a dereference of an unitialized pointer in the listen_rec. [Ben Laurie] *) Add FILEPATH_INFO variable to CGI environment, which is equal to --- 72,79 ---- using the -make flag. [Rob Hartill] *) Fix coredump triggered when sending a SIGHUP to the server caused ! by an assertion failure, in turn caused by an uninitialised field in a ! listen_rec. [Ben Laurie] *) Add FILEPATH_INFO variable to CGI environment, which is equal to 1.35 +2 -0 apache/src/util_script.c Index: util_script.c =================================================================== RCS file: /export/home/cvs/apache/src/util_script.c,v retrieving revision 1.34 retrieving revision 1.35 diff -C3 -r1.34 -r1.35 *** util_script.c 1996/12/26 19:07:05 1.34 --- util_script.c 1996/12/28 18:16:10 1.35 *************** *** 60,65 **** --- 60,66 ---- #include "http_core.h" /* For document_root. Sigh... */ #include "http_request.h" /* for sub_req_lookup_uri() */ #include "util_script.h" + #include <assert.h> /* * Various utility functions which are common to a whole lot of *************** *** 96,101 **** --- 97,103 ---- while ((t = strtok(NULL, "+")) != NULL) { unescape_url(t); + assert(idx < APACHE_ARG_MAX); av[idx] = escape_shell_cmd(r->pool, t); av[idx] = t; idx++;