> const char *wname) {
> + int rc = JK_TRUE;
> + char buf[1024];
> + if (m && wname) {
> + int value;
> + sprintf(buf, "%s.%s.%s", PREFIX_OF_WORKER, wname, STICKY_SESSION);
Seeing that checkin I got curious and I had a look at the code.
I saw that this sprintf is used a lot in that way. Was wondering if
there was a way to pass some parameters to overflow the buffer.
Especially if the name comes from a property read from a file. I didn't
see any special protection checking the length of the parameters, wname
in that case.
Am I wrong?
J.
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
