* Use apr_size_t instead of int to harden against overflows.

author Ruediger Pluem <rpluem@apache.org>

Thu, 25 Aug 2022 15:57:59 +0000 (15:57 +0000)

committer Ruediger Pluem <rpluem@apache.org>

Thu, 25 Aug 2022 15:57:59 +0000 (15:57 +0000)
author Ruediger Pluem <rpluem@apache.org>
Thu, 25 Aug 2022 15:57:59 +0000 (15:57 +0000)
committer Ruediger Pluem <rpluem@apache.org>
Thu, 25 Aug 2022 15:57:59 +0000 (15:57 +0000)
diff --git a/server/util_script.c b/server/util_script.c

index 1fa4276caef71c7c110183ac0188219f4311b16a..72175e7582484eb7927c3a27b8431ab78ed8f405 100644 (file)
--- a/server/util_script.c
+++ b/server/util_script.c
@@ -466,7 +466,7 @@ AP_DECLARE(int) ap_scan_script_header_err_core_ex(request_rec *r, char *buffer,
  {
      char x[MAX_STRING_LEN];
      char *w, *l;
-    int p;
+    apr_size_t p;
      int cgi_status = HTTP_UNSET;
      apr_table_t *merge;
      apr_table_t *cookie_table;
@@ -837,7 +837,7 @@ static int getsfunc_STRING(char *w, int len, void *pvastrs)
  {
      struct vastrs *strs = (struct vastrs*) pvastrs;
      const char *p;
-    int t;
+    apr_size_t t;
  
      if (!strs->curpos || !*strs->curpos) {
          w[0] = '\0';
author	Ruediger Pluem <rpluem@apache.org>
	Thu, 25 Aug 2022 15:57:59 +0000 (15:57 +0000)
committer	Ruediger Pluem <rpluem@apache.org>
	Thu, 25 Aug 2022 15:57:59 +0000 (15:57 +0000)