DO NOT REPLY [Bug 29455] New: - Patch for questionable http strtol use

9 Jun 2004 04:32:08 -0000 

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=29455>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=29455

Patch for questionable http strtol use

           Summary: Patch for questionable http strtol use
           Product: Apache httpd-2.0
           Version: 2.0.49
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Minor
          Priority: Other
         Component: Core
        AssignedTo: [email protected]
        ReportedBy: [EMAIL PROTECTED]


Code inspection shows strtol being used to convert "Content-Length"
from ASCII to a long which is then assigned to a apr_off_t variable.
This appears questionable since on some platforms (i.e. FreeBSD)
apr_off_t is larger than a long (which implies that "Content-Length"
may contain values which exceed a long).  This patch uses strtoll
in place of strtol.  It's been tested on FreeBSD 4.10 x86.

------------------8<------------------------8<------------------------
*** modules/http/http_protocol.c.ORIGINAL       Mon Feb  9 15:53:18 2004
--- modules/http/http_protocol.c        Tue Jun  8 03:30:07 2004
*************** apr_status_t ap_http_filter(ap_filter_t 
*** 769,775 ****
  
              ctx->state = BODY_LENGTH;
              errno = 0;
!             ctx->remaining = strtol(lenp, &endstr, 10);       /* we depend on 
ANSI */
  
              /* This protects us from over/underflow (the errno check),
               * non-digit chars in the string (excluding leading space)
--- 769,775 ----
  
              ctx->state = BODY_LENGTH;
              errno = 0;
!             ctx->remaining = (apr_off_t)strtoll(lenp, &endstr, 10); /* we depe
nd on ANSI */
  
              /* This protects us from over/underflow (the errno check),
               * non-digit chars in the string (excluding leading space)
*************** AP_DECLARE(int) ap_setup_client_block(re
*** 1756,1762 ****
          char *endstr;
  
          errno = 0;
!         r->remaining = strtol(lenp, &endstr, 10); /* depend on ANSI */
  
          /* See comments in ap_http_filter() */
          if (errno || (endstr && *endstr) || (r->remaining < 0)) {
--- 1756,1762 ----
          char *endstr;
  
          errno = 0;
!         r->remaining = (apr_off_t)strtoll(lenp, &endstr, 10); /* depend on ANS
I */
  
          /* See comments in ap_http_filter() */
          if (errno || (endstr && *endstr) || (r->remaining < 0)) {

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to