On Fri, Feb 16, 2018 at 10:57 AM, Ruediger Pluem <rpl...@apache.org> wrote: > > On 02/15/2018 01:57 PM, yla...@apache.org wrote: >> >> Modified: httpd/httpd/trunk/server/protocol.c >> URL: >> http://svn.apache.org/viewvc/httpd/httpd/trunk/server/protocol.c?rev=1824303&r1=1824302&r2=1824303&view=diff >> ============================================================================== >> --- httpd/httpd/trunk/server/protocol.c (original) >> +++ httpd/httpd/trunk/server/protocol.c Thu Feb 15 12:57:14 2018 > >> @@ -487,6 +490,11 @@ AP_DECLARE(int) ap_getline(char *s, int >> apr_size_t len; >> apr_bucket_brigade *tmp_bb; >> >> + if (n < 1) { >> + /* Can't work since we always NUL terminate */ >> + return -1; >> + } >> + > > Shouldn't we check for s != NULL as well? Otherwise the contents is read to a > buffer allocated by ap_rgetline_core and > we only return the length. I don 't see how this usage could be useful as the > content cannot be read again (otherwise > it would be useful to see how much content is in the pipe)
While the n < 0 check protects against signed to unsigned underflow which could crash the process, s == NULL only affects the caller (no strong opinion actually). Maybe it's used to eat/discard lines somewhere? Regards, Yann.