Received: (qmail 24424 invoked by uid 2012); 23 Oct 1998 21:10:15 -0000 Message-Id: <19981023211015.24423.qmail@hyperreal.org> Date: 23 Oct 1998 21:10:15 -0000 From: Henry Pasternack Reply-To: henryp@us.ibm.com To: apbugs@hyperreal.org Subject: Probable source code error in ap_cfg_getline() X-Send-Pr-Version: 3.2 >Number: 3283 >Category: apache-api >Synopsis: Probable source code error in ap_cfg_getline() >Confidential: no >Severity: serious >Priority: medium >Responsible: apache >State: closed >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Fri Oct 23 14:20:01 PDT 1998 >Last-Modified: Thu Apr 29 10:35:35 PDT 1999 >Originator: henryp@us.ibm.com >Organization: >Release: 1.3.3 >Environment: apache_1.3.3/src/main/util.c >Description: Line 855 of util.c in routine ap_cfg_getline(): cbuf = cp; cbufsize -= (cp-cbuf); This code occurs in the part of the routine that stitches lines together when a continuation character is detected. The intent of the two statements is to reposition the buffer to the start of the next line and decrement the buffer size by the number of characters input on the previous line. But (cp-cbuf) will always be zero, so cbufsize will remain constant. >How-To-Repeat: I haven't observed a problem in real life. Presumably it would only occur in the case where a directive and its arguments were thousands of characters long. Or maybe I'm just reading the code wrong. >Fix: Reverse the order of the two statements. >Audit-Trail: State-Changed-From-To: open-closed State-Changed-By: coar State-Changed-When: Thu Apr 29 10:35:31 PDT 1999 State-Changed-Why: This was fixed after 1.3.4. Thanks for the report! >Unformatted: [In order for any reply to be added to the PR database, ] [you need to include in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ] [If you do not include this Cc, your reply may be ig- ] [nored unless you are responding to an explicit request ] [from a developer. ] [Reply only with text; DO NOT SEND ATTACHMENTS! ]