I'm not good at English. If you can't catch what I say, please see the attached 
patch.
This doesn't have to meet 0.9.1, but may affect performance.

modules/ftp/ftp_message.c line 53:
                strncpy(outptr, time_str, outlen);
                if (outlen > APR_CTIME_LEN - 1) {
                    *(outptr + APR_CTIME_LEN - 1) = '\0';
                }

When the condition is true, outptr has been NULL-terminated by strncpy.
I thought it should be "outlen < APR_CTIME_LEN"...
But though outptr hasn't when the condition is false,
line 109:
            outptr[outlen - 1] = '\0';
will NULL-terminate. So this if block is useless.

Moreover, strncpy fills '\0'. outlen is often BUFSIZ, which is a very large 
number.
apr_cpystrn is better.
Index: modules/ftp/ftp_message.c
===================================================================
--- modules/ftp/ftp_message.c   (revision 605569)
+++ modules/ftp/ftp_message.c   (working copy)
@@ -50,10 +50,7 @@
             switch(*++inptr) {
               case 'T':
                 apr_ctime(time_str, apr_time_now());
-                strncpy(outptr, time_str, outlen);
-                if (outlen > APR_CTIME_LEN - 1) {
-                    *(outptr + APR_CTIME_LEN - 1) = '\0';
-                }
+                apr_cpystrn(outptr, time_str, outlen);
                 break;
               case 'C':
                 apr_snprintf(outptr, outlen, "%s", fc->cwd);
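Review bot: On the added apr_cpystrn(outptr, time_str, outlen) line in the 'T' case, the return value is discarded and the change in tail behaviour is not documented. The removed strncpy zero-filled outptr from the end of the timestamp up to outlen, while apr_cpystrn writes only the string and a single terminating NUL, so the commit message should state that nothing later depends on the bytes past the terminator being zero. apr_cpystrn also returns a pointer to the NUL it wrote; if the code after this switch advances outptr by rescanning the string, the 'T' case could use that return value instead. A short comment noting that time_str holds at most APR_CTIME_LEN bytes would also explain why the removed truncation at APR_CTIME_LEN - 1 is no longer needed.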

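The padding and termination behaviour described in the message above, as an added example (not part of the original post or of the mod_ftp source). cpystrn_like is a local stand-in written for this example with the documented apr_cpystrn semantics, CTIME_LEN is assumed to match APR_CTIME_LEN, and the timestamp is a constructed sample.

```c
#include <stdio.h>
#include <string.h>

#define CTIME_LEN 25  /* assumption: same as APR_CTIME_LEN (24 chars + NUL) */

/* Stand-in for apr_cpystrn (not the APR source): copies at most n-1 bytes,
 * always terminates when n > 0, never pads, returns a pointer to the NUL. */
static char *cpystrn_like(char *dst, const char *src, size_t n)
{
    char *end;
    if (n == 0)
        return dst;
    end = dst + n - 1;
    while (dst < end && *src)
        *dst++ = *src++;
    *dst = '\0';
    return dst;
}

/* Fill a buffer with a sentinel, run one copy of size n (n <= BUFSIZ), and
 * report how many bytes were overwritten and whether a NUL landed in [0, n). */
static size_t probe(int use_strncpy, size_t n, int *terminated)
{
    static const char time_str[CTIME_LEN] = "Thu Jan 01 00:00:00 1970"; /* constructed */
    char buf[BUFSIZ];
    size_t i, touched = 0;

    memset(buf, 0xAA, sizeof buf);
    if (use_strncpy)
        strncpy(buf, time_str, n);      /* pads with NULs up to n, may not terminate */
    else
        cpystrn_like(buf, time_str, n); /* string plus exactly one NUL */
    for (i = 0; i < sizeof buf; i++)
        if ((unsigned char)buf[i] != 0xAA)
            touched++;
    *terminated = memchr(buf, '\0', n) != NULL;
    return touched;
}

int main(void)
{
    int t;
    printf("strncpy, n=BUFSIZ: %zu bytes written\n", probe(1, BUFSIZ, &t));
    printf("cpystrn, n=BUFSIZ: %zu bytes written\n", probe(0, BUFSIZ, &t));
    printf("strncpy, n=10: %zu bytes, terminated=%d\n", probe(1, 10, &t), t);
    return 0;
}
```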