jim 98/05/04 19:57:34
Modified: . STATUS
src CHANGES
src/modules/proxy proxy_util.c
Log:
Submitted by: Jim Jagielski
Reviewed by: Brian Behlendorf
Fix off-by-one error in ap_proxy_date_canon() when we check to see
if 'x' is at least 30-chars wide.
Revision Changes Path
1.371 +3 -7 apache-1.3/STATUS
Index: STATUS
===================================================================
RCS file: /export/home/cvs/apache-1.3/STATUS,v
retrieving revision 1.370
retrieving revision 1.371
diff -u -r1.370 -r1.371
--- STATUS 1998/05/05 02:41:03 1.370
+++ STATUS 1998/05/05 02:57:30 1.371
@@ -11,13 +11,9 @@
FINAL RELEASE SHOWSTOPPERS:
- * proxy security fixes from 1.2.5 need to be brought forward,
- specifically:
- - if (strlen(x) < 30) {
- + if (strlen(x)+1 < 30) {
- x = ap_palloc(p, 30);
- }
- in proxy_util.c.
+ * proxy security fixes from 1.2.5 need to be brought forward.
+ Note: off-by-one error in ap_proxy_date_canon() in
+ proxy_util.c was fixed.
* Someone other than Dean has to do a security/correctness review on
psprintf(), bprintf(), and ap_snprintf(). In particular these routines
1.817 +3 -0 apache-1.3/src/CHANGES
Index: CHANGES
===================================================================
RCS file: /export/home/cvs/apache-1.3/src/CHANGES,v
retrieving revision 1.816
retrieving revision 1.817
diff -u -r1.816 -r1.817
--- CHANGES 1998/05/04 16:28:45 1.816
+++ CHANGES 1998/05/05 02:57:32 1.817
@@ -1,5 +1,8 @@
Changes with Apache 1.3b7
+ *) Fix off-by-one error in ap_proxy_date_canon() in proxy_util.c
+ when ensuring 'x' is at least 30-chars big.
+
*) Fix debug log messages for BS2000/OSD: instead of logging the whole
absolute path, only log base name of logging source as is done
in unix. [Martin Kraemer]
1.60 +1 -1 apache-1.3/src/modules/proxy/proxy_util.c
Index: proxy_util.c
===================================================================
RCS file: /export/home/cvs/apache-1.3/src/modules/proxy/proxy_util.c,v
retrieving revision 1.59
retrieving revision 1.60
diff -u -r1.59 -r1.60
--- proxy_util.c 1998/04/11 12:00:40 1.59
+++ proxy_util.c 1998/05/05 02:57:34 1.60
@@ -353,7 +353,7 @@
if (mon == 12)
return x;
- if (strlen(x) < 30)
+ if (strlen(x)+1 < 30)
x = ap_palloc(p, 30);
ap_snprintf(x, 30, "%s, %.2d %s %d %.2d:%.2d:%.2d GMT", ap_day_snames[wk], mday,
ap_month_snames[mon], year, hour, min, sec);
Modified: . STATUS
src CHANGES
src/modules/proxy proxy_util.c
Log:
Submitted by: Jim Jagielski
Reviewed by: Brian Behlendorf
Fix off-by-one error in ap_proxy_date_canon() when we check to see
if 'x' is at least 30-chars wide.
Revision Changes Path
1.371 +3 -7 apache-1.3/STATUS
Index: STATUS
===================================================================
RCS file: /export/home/cvs/apache-1.3/STATUS,v
retrieving revision 1.370
retrieving revision 1.371
diff -u -r1.370 -r1.371
--- STATUS 1998/05/05 02:41:03 1.370
+++ STATUS 1998/05/05 02:57:30 1.371
@@ -11,13 +11,9 @@
FINAL RELEASE SHOWSTOPPERS:
- * proxy security fixes from 1.2.5 need to be brought forward,
- specifically:
- - if (strlen(x) < 30) {
- + if (strlen(x)+1 < 30) {
- x = ap_palloc(p, 30);
- }
- in proxy_util.c.
+ * proxy security fixes from 1.2.5 need to be brought forward.
+ Note: off-by-one error in ap_proxy_date_canon() in
+ proxy_util.c was fixed.
* Someone other than Dean has to do a security/correctness review on
psprintf(), bprintf(), and ap_snprintf(). In particular these routines
1.817 +3 -0 apache-1.3/src/CHANGES
Index: CHANGES
===================================================================
RCS file: /export/home/cvs/apache-1.3/src/CHANGES,v
retrieving revision 1.816
retrieving revision 1.817
diff -u -r1.816 -r1.817
--- CHANGES 1998/05/04 16:28:45 1.816
+++ CHANGES 1998/05/05 02:57:32 1.817
@@ -1,5 +1,8 @@
Changes with Apache 1.3b7
+ *) Fix off-by-one error in ap_proxy_date_canon() in proxy_util.c
+ when ensuring 'x' is at least 30-chars big.
+
*) Fix debug log messages for BS2000/OSD: instead of logging the whole
absolute path, only log base name of logging source as is done
in unix. [Martin Kraemer]
1.60 +1 -1 apache-1.3/src/modules/proxy/proxy_util.c
Index: proxy_util.c
===================================================================
RCS file: /export/home/cvs/apache-1.3/src/modules/proxy/proxy_util.c,v
retrieving revision 1.59
retrieving revision 1.60
diff -u -r1.59 -r1.60
--- proxy_util.c 1998/04/11 12:00:40 1.59
+++ proxy_util.c 1998/05/05 02:57:34 1.60
@@ -353,7 +353,7 @@
if (mon == 12)
return x;
- if (strlen(x) < 30)
+ if (strlen(x)+1 < 30)
x = ap_palloc(p, 30);
ap_snprintf(x, 30, "%s, %.2d %s %d %.2d:%.2d:%.2d GMT", ap_day_snames[wk], mday,
ap_month_snames[mon], year, hour, min, sec);