Hello
I had a quick look at httpd 2.4.10 (couldn't find on the website how to
site how to checkout the trunk)
http://httpd.apache.org/docs/trunk/
Taking this file as an example:
httpd-2.4.10/modules/ssl/ssl_engine_init.c
1) Doesn't check make_dh_params() prime is a non-NULL valid function
pointer.
2) DH *modssl_get_dh_params(unsigned keylen).
keylen doesn't have a type. better to write unsigned int keylen
3) ssl_add_version_components() doesn't check s and p are valid
non-NULL parameters before using them.
4) ssl_add_version_components() modver incver libver should probably
be const char *
5) ssl_init_Module() all pointer params should be checked to be non-NULL,
and an appropriate error apr_status_t returned (something other than
APR_SUCCESS)
In my view, worth making these changes. You may already be familiar with
ISO/IEC TR 24772 which covers these kind of things.
Regards, Jonny
