svn commit: r386592 - in /tomcat/connectors/trunk/jk: native/common/jk_util.c xdocs/changelog.xml

Fri, 17 Mar 2006 01:35:43 -0800 

Author: mturk
Date: Fri Mar 17 01:35:16 2006
New Revision: 386592

URL: http://svn.apache.org/viewcvs?rev=386592&view=rev
Log:
Fix #37332 -- potential misuse of buffer length with snprintf functions.

Modified:
    tomcat/connectors/trunk/jk/native/common/jk_util.c
    tomcat/connectors/trunk/jk/xdocs/changelog.xml

Modified: tomcat/connectors/trunk/jk/native/common/jk_util.c
URL: 
http://svn.apache.org/viewcvs/tomcat/connectors/trunk/jk/native/common/jk_util.c?rev=386592&r1=386591&r2=386592&view=diff
==============================================================================
--- tomcat/connectors/trunk/jk/native/common/jk_util.c (original)
+++ tomcat/connectors/trunk/jk/native/common/jk_util.c Fri Mar 17 01:35:16 2006
@@ -315,8 +315,8 @@
             used += sprintf(&buf[used], "[%04d:%04d] ", getpid(),
                             jk_gettid());
 #else
-            used += snprintf(&buf[used], HUGE_BUFFER_SIZE, "[%04d:%04d] ",
-                             getpid(), jk_gettid());
+            used += snprintf(&buf[used], HUGE_BUFFER_SIZE - used,
+                             "[%04d:%04d] ", getpid(), jk_gettid());
 #endif
             if (used < 0) {
                 return 0;
@@ -338,8 +338,8 @@
             used += sprintf(&buf[used], "%s (%d): ", f, line);
 #else
         if (line)
-            used += snprintf(&buf[used], HUGE_BUFFER_SIZE, "%s (%d): ",
-                             f, line);
+            used += snprintf(&buf[used], HUGE_BUFFER_SIZE - used,
+                             "%s (%d): ", f, line);
 #endif
         if (used < 0) {
             return 0;           /* [V] not sure what to return... */

Modified: tomcat/connectors/trunk/jk/xdocs/changelog.xml
URL: 
http://svn.apache.org/viewcvs/tomcat/connectors/trunk/jk/xdocs/changelog.xml?rev=386592&r1=386591&r2=386592&view=diff
==============================================================================
--- tomcat/connectors/trunk/jk/xdocs/changelog.xml (original)
+++ tomcat/connectors/trunk/jk/xdocs/changelog.xml Fri Mar 17 01:35:16 2006
@@ -26,6 +26,10 @@
   <subsection name="Native">
     <changelog>
       <fix>
+      <bug>37332</bug>: Fix potential misuse of buffer length with
+      snprintf functions. (mturk)
+      </fix>
+      <fix>
       <bug>38859</bug>: Protect mod_jk against buggy or malicious
       AJP servers in the backend. Patch provided by Ruediger Pluem. (mturk)
       </fix>



---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to