Giuliano Gavazzi wrote:

On 19 Jan 2007, at 11:24, Drew Bertola wrote:
That's the question. I didn't mention this, and from your response it
now seems important: When I compare strlen(str) to len, len is either
equal or less than the length of str.

So, does len truly represent the data read, or does str?

Ah, I thought you were finding strlen < len (because of nulls in *str).
From reading the headers: len is the amount of data returned.
Since str is not null terminated, as you showed, sooner or later if you call strlen(str) you will hit an access violation.
But don't quote me on anything I wrote, I am not an expert in apr!

Hey, g - actually, you hit the nail on the head here. The data in the bucket does NOT always terminate with a NULL. Additionally, the bucket might contain additional NULL characters as part of the data (e.g. if the bucket contains compressed HTML pages, or an .EXE file, or... you get the idea). So, you are an expert here.

The content-length header will not always be accurate, either, unless every module resets the parameter. Additionally, some modules do not set that. Plus, it almost never matches the bucket length - brigade length, perhaps, but not bucket length.

Whenever someone reads from a bucket, they should ALWAYS use the &len value. If they know it's a string, slap a NULL character on the end to prevent NULL-termination if using the standard strcmp or strlen functions, or expect a nice SEGV to occur.

Joe
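
The handling discussed in this thread, sketched in plain C as an added example that is not part of the original messages or of APR: the (data, len) pair stands for what a bucket read hands back. The helper names and sample bytes are hypothetical and constructed for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: copy len bytes of bucket data into a fresh
 * NUL-terminated buffer. In an APR module, apr_pstrmemdup(pool, data, len)
 * does the same from a pool. Caller frees the result. */
char *bucket_to_cstr(const char *data, size_t len)
{
    if (len == (size_t)-1)              /* len + 1 would wrap to 0 */
        return NULL;
    char *out = malloc(len + 1);
    if (out == NULL)
        return NULL;
    if (len > 0)
        memcpy(out, data, len);
    out[len] = '\0';
    return out;
}

/* Nonzero if a NUL byte sits inside the data, so strlen() on a copy
 * would report less than len (binary or compressed content). */
int bucket_has_embedded_nul(const char *data, size_t len)
{
    return len > 0 && memchr(data, '\0', len) != NULL;
}

/* Length-bounded stand-in for strcmp(data, literal) == 0. */
int bucket_equals(const char *data, size_t len, const char *literal)
{
    size_t n = strlen(literal);
    return len == n && (n == 0 || memcmp(data, literal, n) == 0);
}

/* Constructed samples: neither array ends in a terminator. */
static const char sample_text[] = { 'h','e','l','l','o','X','X','X' };
static const char sample_binary[] = { 'M','Z','\0','\x03','\0','\x04' };

int main(void)
{
    char *s = bucket_to_cstr(sample_text, 5);   /* len = 5, not 8 */
    if (s == NULL)
        return 1;
    printf("text: \"%s\" strlen=%zu\n", s, strlen(s));
    printf("embedded NUL in binary sample: %d\n",
           bucket_has_embedded_nul(sample_binary, sizeof sample_binary));
    printf("equals \"hello\": %d\n", bucket_equals(sample_text, 5, "hello"));
    free(s);
    return 0;
}
```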
