On 02/15/2018 01:57 PM, yla...@apache.org wrote: > Author: ylavic > Date: Thu Feb 15 12:57:14 2018 > New Revision: 1824303 > > URL: http://svn.apache.org/viewvc?rev=1824303&view=rev > Log: > core: Ensure that ap_*getline*() return NUL terminated lines on any error. > > This was done only on buffer full, so be consistent, and fail early if the > given buffer can't even hold the NUL bytes (negative or nul size). > > > Modified: > httpd/httpd/trunk/CHANGES > httpd/httpd/trunk/server/protocol.c >
> Modified: httpd/httpd/trunk/server/protocol.c > URL: > http://svn.apache.org/viewvc/httpd/httpd/trunk/server/protocol.c?rev=1824303&r1=1824302&r2=1824303&view=diff > ============================================================================== > --- httpd/httpd/trunk/server/protocol.c (original) > +++ httpd/httpd/trunk/server/protocol.c Thu Feb 15 12:57:14 2018 > @@ -487,6 +490,11 @@ AP_DECLARE(int) ap_getline(char *s, int > apr_size_t len; > apr_bucket_brigade *tmp_bb; > > + if (n < 1) { > + /* Can't work since we always NUL terminate */ > + return -1; > + } > + Shouldn't we check for s != NULL as well? Otherwise the contents is read to a buffer allocated by ap_rgetline_core and we only return the length. I don 't see how this usage could be useful as the content cannot be read again (otherwise it would be useful to see how much content is in the pipe) Regards RĂ¼diger