properly terminated before logging.
Submitted by: Tsurutani Naoki <turutani scphys.kyoto-u.ac.jp>
Reviewed by: trawick, nd, bnicholes
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/APACHE_2_0_BRANCH@103680
13f79535-47bb-0310-9956-
ffa450edef68
Changes with Apache 2.0.50
+ *) Ensure that lines in the request which are too long are
+ properly terminated before logging.
+ [Tsurutani Naoki <turutani scphys.kyoto-u.ac.jp>]
+
*) Update the bind credentials for the cached LDAP connection to
reflect the last bind. This prevents util_ldap from creating
unnecessary connections rather than reusing cached connections.
APACHE 2.0 STATUS: -*-text-*-
-Last modified at [$Date: 2004/05/13 15:18:24 $]
+Last modified at [$Date: 2004/05/13 23:40:02 $]
Release:
which integrates the two rounds of changes)
+1 concept: trawick
- * Make sure long request lines are '\0'-terminated. (PR 28376)
- http://cvs.apache.org/viewcvs.cgi/httpd-2.0/server/protocol.c?r1=1.147&r2=1.148
- +1: trawick, nd, bnicholes
-
CURRENT RELEASE NOTES:
* Backwards compatibility is expected of future Apache 2.0 releases,
/* Would this overrun our buffer? If so, we'll die. */
if (n < bytes_handled + len) {
*read = bytes_handled;
+ if (*s) {
+ /* ensure this string is terminated */
+ if (bytes_handled < n) {
+ (*s)[bytes_handled] = '\0';
+ }
+ else {
+ (*s)[n-1] = '\0';
+ }
+ }
return APR_ENOSPC;
}
/* Do we have enough space? We may be full now. */
if (bytes_handled >= n) {
*read = n;
+ /* ensure this string is terminated */
+ (*s)[n-1] = '\0';
return APR_ENOSPC;
}
else {
projects / thirdparty / apache / httpd.git / commitdiff
