Merge r589461, r602491 from trunk:

Prevent 1-byte overflow on 8192 boundary (see PR 43310)

Alternate fix... profiling indicates that the string
termination is completely unneeded and superflous. In
which case, the original allocation size is sufficient
since nothing external worries about a NULL nor
looks for it.

Reviewed by: jim

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@602536 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/STATUS b/STATUS
index fef8d04837587636b8bf996b1462a7776d171d6f..a6061c89deb5db14278b5df49ec3558a92706c3e 100644 (file)
--- a/STATUS
+++ b/STATUS
@@ -79,14 +79,6 @@ RELEASE SHOWSTOPPERS:
 PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
   [ start all new proposals below, under PATCHES PROPOSED. ]
 
-  * server/protocol.c: Prevent 1-byte overflow on 8192 boundary in
-    ap_vrprintf(). PR 43310
-    trunk:
-       http://svn.apache.org/viewvc?view=rev&revision=589461
-       http://svn.apache.org/viewvc?view=rev&revision=602491
-    2.2.x:
-       Trunk version of patch works
-    +1: jim, rpluem, niq
 
 PATCHES PROPOSED TO BACKPORT FROM TRUNK:
   [ New proposals should be added at the end of the list ]

diff --git a/server/protocol.c b/server/protocol.c
index d58dd8c2229abe32cb3b9f74daa7a5f3806588b8..b10a45b909432912f804e6770eab87cfeb7bcf47 100644 (file)
--- a/server/protocol.c
+++ b/server/protocol.c
@@ -1539,9 +1539,6 @@ AP_DECLARE(int) ap_vrprintf(request_rec *r, const char *fmt, va_list va)
 
     written = apr_vformatter(r_flush, &vd.vbuff, fmt, va);
 
-    /* tack on null terminator on remaining string */
-    *(vd.vbuff.curpos) = '\0';
-
     if (written != -1) {
         int n = vd.vbuff.curpos - vrprintf_buf;