On 12/19/2012 02:33 PM, Kinkie wrote: > there seems to be a buffer overrun in the Scoutcast related test in > testHttpReply.
Indeed. > The attached patch may address it - it's unclear to me whether the > cstring-termination \0 should be appended to the MemBuf - I assume so as > the test is not crashing, but you never know. If the test is for parsing the header, then it does not matter whether 0 terminator is appended or not (it is not a part of the header). However, it is best not to append it IMO: If there is a bug in headersEnd or elsewhere, it would be slightly more likely to be exposed if the terminator is not there. > Unless the trailing garbage to the input is intentional, if so I'll mark > the bug as intentional in coverity. If the intent is to append garbage, the test code should be rewritten. I do not think it is though. Thank you, Alex.
