https://issues.apache.org/bugzilla/show_bug.cgi?id=44793
Summary: logical error with ssl_util_table.c
Product: Apache httpd-2
Version: 2.0.63
Platform: PC
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: mod_ssl
AssignedTo: [email protected]
ReportedBy: [EMAIL PROTECTED]
if the bucket has only one element and the element is not match, cause entry_p
is not null and entry_p->te_next_p is null, then the loop is not excuted, then
we get to judge whether we find it. it's a bug,should fix as follow
/* look for the entry in this bucket, only check keys of the same size */
last_p = NULL;
for (entry_p = table_p->ta_buckets[bucket];
(entry_p != NULL) && (entry_p->te_next_p != last_p);
last_p = entry_p, entry_p = entry_p->te_next_p) {
if (entry_p->te_key_size == ksize
&& memcmp(ENTRY_KEY_BUF(entry_p), key_buf, ksize) == 0)
break;
}
/* did we find it? then we are in replace mode. */
if (entry_p != NULL) {
/* can we not overwrite existing data? */
if (!overwrite_b) {
if (key_buf_p != NULL)
*key_buf_p = ENTRY_KEY_BUF(entry_p);
if (data_buf_p != NULL) {
if (entry_p->te_data_size == 0)
*data_buf_p = NULL;
else {
if (table_p->ta_data_align == 0)
*data_buf_p = ENTRY_DATA_BUF(table_p, entry_p);
else
*data_buf_p = entry_data_buf(table_p, entry_p);
}
}
return TABLE_ERROR_OVERWRITE;
}
////////fix
/* look for the entry in this bucket, only check keys of the same size */
last_p = NULL;
for (entry_p = table_p->ta_buckets[bucket];
(entry_p != NULL) && (entry_p->te_next_p != last_p);
last_p = entry_p, entry_p = entry_p->te_next_p) {
if (entry_p->te_key_size == ksize
&& memcmp(ENTRY_KEY_BUF(entry_p), key_buf, ksize) == 0)
break;
}
/* did we find it? then we are in replace mode. */
// if entry_p != NULL and last_p != NULL, we find the match key
// otherwise if entry_p != NULL and last_p == NULL and entry_p is the match
key, we also find the match key
if (entry_p != NULL && (last_p != NULL || (entry_p->te_key_size == ksize
&& memcmp(ENTRY_KEY_BUF(entry_p), key_buf, ksize) == 0))) {
/* can we not overwrite existing data? */
if (!overwrite_b) {
if (key_buf_p != NULL)
*key_buf_p = ENTRY_KEY_BUF(entry_p);
if (data_buf_p != NULL) {
if (entry_p->te_data_size == 0)
*data_buf_p = NULL;
else {
if (table_p->ta_data_align == 0)
*data_buf_p = ENTRY_DATA_BUF(table_p, entry_p);
else
*data_buf_p = entry_data_buf(table_p, entry_p);
}
}
return TABLE_ERROR_OVERWRITE;
}
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
