DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=20617>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=20617 GetServerVariable("ALL_RAW") returns wrong buffer size Summary: GetServerVariable("ALL_RAW") returns wrong buffer size Product: Apache httpd-2.0 Version: 2.0.46 Platform: PC OS/Version: Windows NT/2K Status: NEW Severity: Normal Priority: Other Component: mod_isapi AssignedTo: [email protected] ReportedBy: [EMAIL PROTECTED] Line 586 adds two bytes to the length of each header string to allow for characters that will be added when the string is formatted: len += strlen(elts[i].key) + strlen(elts[i].val) + 2; This is consistent with the commentary that precedes it, however, line 598- 602 actually add three bytes to the header string: *(((char*)buf_data)++) = ':'; *(((char*)buf_data)++) = ' '; strcpy(buf_data, elts[i].val); ((char*)buf_data) += strlen(elts[i].val); *(((char*)buf_data)++) = '\n'; Net result: buf_size is one byte per row too small. GetServerVariable() is typically called once with a NULL buffer to establish the required buffer size, then called again with a newly allocated buffer of the appropriate size. This isn't possible if the first call returns too small a size. The fix is simple: change '2' to '3' in line 586. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
