> -----Original Message-----
> From: Rainer Jung [mailto:]
> Sent: Dienstag, 24. Juli 2012 12:49
> To: [email protected]
> Subject: Re: ProxyBlock question
>
> On 24.07.2012 11:22, Joe Orton wrote:
>
> > (But reading that code again, you also lead me to another bug; the use
> > of apr_sockaddr_ip_get() against resolved addresses on the ->noproxies
> > list looks to be leaky/unsafe, it will allocate memory out of pconf
> each
> > time we check a resolved address!)
>
> :(
I guess we should use apr_sockaddr_ip_getbuf instead and allocate the buffer
by ourselves from the correct pool / use a local char array of the maximum size
needed,
which is IMHO 46. So something like this:
Index: modules/proxy/proxy_util.c
===================================================================
--- modules/proxy/proxy_util.c (revision 1364919)
+++ modules/proxy/proxy_util.c (working copy)
@@ -759,6 +759,8 @@
return host != NULL && ap_strstr_c(host, This->name) != NULL;
}
+#define MAX_IP_STR_LEN 46
+
/* checks whether a host in uri_addr matches proxyblock */
PROXY_DECLARE(int) ap_proxy_checkproxyblock(request_rec *r, proxy_server_conf
*conf,
apr_sockaddr_t *uri_addr)
@@ -783,10 +785,12 @@
while (conf_addr) {
uri_addr = src_uri_addr;
while (uri_addr) {
- char *conf_ip;
- char *uri_ip;
- apr_sockaddr_ip_get(&conf_ip, conf_addr);
- apr_sockaddr_ip_get(&uri_ip, uri_addr);
+ char conf_ip[MAX_IP_STR_LEN];
+ char uri_ip[MAX_IP_STR_LEN];
+ apr_sockaddr_ip_getbuf(conf_ip, conf_addr->addr_str_len,
+ conf_addr);
+ apr_sockaddr_ip_getbuf(uri_ip, uri_addr->addr_str_len,
+ uri_addr);
ap_log_rerror(APLOG_MARK, APLOG_TRACE2, 0, r,
"ProxyBlock comparing %s and %s", conf_ip,
uri_ip);
Regards
Rüdiger
