markt-asf commented on PR #13: URL: https://github.com/apache/tomcat-connectors/pull/13#issuecomment-4662301476
The security claims are massively overblown. At best, there was a hardening fix to be made here but even that is only going to be needed if an admin configures a very strange/unsafe re-write rule. The `malloc` -> `calloc` changes are completely unnecessary. Various (mostly unlikely but you never know if the system is under load) allocation failures - including a line you edited - were not handled. There was also a memory leak that was missed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
