Hi Stipe,
This is not a segfault, my mistake as I already indicated. It is just copied
from an invalid area. Since the allocated memory is valid, no problem so
far, unless the contents are accessed as an Octstr (through ostr->len)
instead of C-string. In that case you will get garbadge at the end.
Unfortunately, I don't have time for a test right now, it will take a couple
of weeks before I can do it, however it is seems pretty obvious to me.
BR,
Nikos
----- Original Message -----
From: "Stipe Tolj" <[email protected]>
Cc: <[email protected]>
Sent: Friday, March 27, 2009 10:47 PM
Subject: Re: gwlib/http.c patch
Nikos Balkanas schrieb:
The mistake here is that this is done with memcpy, which will copy all
bits without checking. It is not writing, therefore no memory
corruption, as I stated, but the copied data in Octstr is invalid and
has the wrong length. Not a biggie if you are using it as a C string,
but quite messy if you use it as Octstr.
Hi Nikos,
this is a possible segfault, is that what you mean? Can you have us a
simple
test_foobar.c that demos the impact with code? That would be great.
Stipe
--
-------------------------------------------------------------------
Kölner Landstrasse 419
40589 DΓΌsseldorf, NRW, Germany
tolj.org system architecture Kannel Software Foundation (KSF)
http://www.tolj.org/ http://www.kannel.org/
mailto:st_{at}_tolj.org mailto:stolj_{at}_kannel.org
-------------------------------------------------------------------
