dgaudet 98/01/02 16:18:40
Modified: src CHANGES
src/main http_log.c
Log:
Fix buffer overrun in log_printf().
Reviewed by: Randy Terbush
Revision Changes Path
1.557 +4 -0 apachen/src/CHANGES
Index: CHANGES
===================================================================
RCS file: /export/home/cvs/apachen/src/CHANGES,v
retrieving revision 1.556
retrieving revision 1.557
diff -u -r1.556 -r1.557
--- CHANGES 1998/01/02 23:58:26 1.556
+++ CHANGES 1998/01/03 00:18:31 1.557
@@ -1,5 +1,9 @@
Changes with Apache 1.3b4
+ *) The aplog_error changes specific to 1.3 introduced a buffer
+ overrun in the (now legacy) log_printf function. Fixed.
+ [Dean Gaudet]
+
*) mod_digest didn't properly deal with proxy authentication. It
also lacked a case-insensitive comparision of the "Digest"
token. [Ronald Tschalaer <[EMAIL PROTECTED]>] PR#1599
1.45 +1 -1 apachen/src/main/http_log.c
Index: http_log.c
===================================================================
RCS file: /export/home/cvs/apachen/src/main/http_log.c,v
retrieving revision 1.44
retrieving revision 1.45
diff -u -r1.44 -r1.45
--- http_log.c 1997/12/07 15:47:59 1.44
+++ http_log.c 1998/01/03 00:18:38 1.45
@@ -413,7 +413,7 @@
va_list args;
va_start(args, fmt);
- vsprintf(buf, fmt, args);
+ ap_vsnprintf(buf, sizeof(buf), fmt, args);
aplog_error(APLOG_MARK, APLOG_ERR, s, buf);
va_end(args);
}
