[ http://issues.apache.org/jira/browse/AXISCPP-826?page=all ]
Chinthana Danapala reassigned AXISCPP-826:
------------------------------------------
Assign To: Chinthana Danapala
> Apache2Transport::getBytes() may lead to access violation
> ---------------------------------------------------------
>
> Key: AXISCPP-826
> URL: http://issues.apache.org/jira/browse/AXISCPP-826
> Project: Axis-C++
> Type: Bug
> Components: Transport (Server), Transport (axis2), Server - Apache module
> Versions: unspecified
> Reporter: Henrik Nordberg
> Assignee: Chinthana Danapala
>
> You can't use a function like strstr() on a non-null terminated string, such
> as the buffer filled by ap_get_client_block(). This is done in
> Apache2Transport::getBytes() in Apache2Transport.cpp, where the following
> code is copied from:
> len_read = ap_get_client_block((request_rec*) m_pContext, pBuffer,
> *piSize);
>
> if (strstr(pBuffer, "Content-Id")) {
> pAttachmentHelper = new AttachmentHelper();
> ...
> pBuffer must be terminated with a '\0' before you can use it in a call to
> strstr(). So maybe that if(strstr... block should be moved down to just
> before return TRANSPORT_FINISHED; ? I am not sure of the intention of the
> code, so the author should make the decision.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
