From: Randy Terbush <randy@apache.org>
Date: Sun, 12 Jan 1997 00:45:54 +0000 (+0000)
Subject: Fix a buffer overflow problem which could allow unauthorized access.
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a3105d42c001c4ed922a89c4eb818da3b50747c3;p=thirdparty%2Fapache%2Fhttpd.git

Fix a buffer overflow problem which could allow unauthorized access.
Reviewed by: Marc Slemko, Randy Terbush, Ben Laurie
Submitted by: Alfred Huger <ahuger@secnet.com>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3@77419 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/RELEASE_1_1_X/src/mod_cookies.c b/RELEASE_1_1_X/src/mod_cookies.c
index e490a13d42e..b94a172d6c4 100644
--- a/RELEASE_1_1_X/src/mod_cookies.c
+++ b/RELEASE_1_1_X/src/mod_cookies.c
@@ -119,7 +119,7 @@ typedef struct {
 void make_cookie(request_rec *r)
 {
     struct timeval tv;
-    char new_cookie[100];	/* blurgh */
+    char new_cookie[1024];	/* blurgh */
     char *dot;
     const char *rname = pstrdup(r->pool, 
 				get_remote_host(r->connection, r->per_dir_config,
@@ -128,6 +128,9 @@ void make_cookie(request_rec *r)
     struct timezone tz = { 0 , 0 };
 
     if ((dot = strchr(rname,'.'))) *dot='\0';	/* First bit of hostname */
+    if (strlen (rname) > 255)
+      rname[256] = 0;
+
     gettimeofday(&tv, &tz);
     sprintf(new_cookie,"%s%s%d%ld%d; path=/",
         COOKIE_NAME, rname,