On Wed, Oct 23, 2013 at 1:27 AM, William A. Rowe Jr. wrote:
>
> On Oct 22, 2013 5:14 PM, "Yann Ylavic" wrote:
> >
> >
> > Shouldn't this be safe from terminal controls, eg :
> > const char *name = process->short_name;
> > if (!name ||
> > !*name ||
> > ap_has_cntrl(name)) {
> > na
On Oct 22, 2013 5:14 PM, "Yann Ylavic" wrote:
>
>
> Shouldn't this be safe from terminal controls, eg :
> const char *name = process->short_name;
> if (!name ||
> !*name ||
> ap_has_cntrl(name)) {
> name = "httpd";
> }
> ?
No. You are thinking of untrusted user input. The Ad
On Mon, Oct 21, 2013 at 2:30 AM, wrote:
> Author: niq
> Date: Mon Oct 21 00:30:26 2013
> New Revision: 1534015
>
> URL: http://svn.apache.org/r1534015
> Log:
> Fix r55670. Not a great idea to dereference process after pool destroy!
>
> Modified:
> httpd/httpd/trunk/server/main.c
>
> Modified