Check-in [e25a9d7fae]
Overview
Comment:Fixed potential buffer bounds issues
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: e25a9d7fae521a8867bcb9f6b87add08bcff3db1
User & Date: rkeene on 2006-12-15 23:15:57
Other Links: manifest | tags
Context
2006-12-15
23:33
Added additional bounds checking to conf_apache (needs more) check-in: b83e2d07b5 user: rkeene tags: trunk
23:15
Fixed potential buffer bounds issues check-in: e25a9d7fae user: rkeene tags: trunk
2006-12-12
15:31
Added script to build web-based man pages check-in: 6cc2f2abd9 user: rkeene tags: trunk
Changes

Modified conf_apache.c from [e2ab7d44f3] to [dc1e53e03b].

279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
		/* Find the command and the data in the line. */
		sep = strpbrk(linebuf_ptr, " \t");
		if (sep != NULL) {
			cmdend = sep;

			/* Delete space at the end of the command. */
			cmdend--; /* It currently derefs to the seperator.. */
			while (*cmdend <= ' ') {
				*cmdend = '\0';
				cmdend--;
			}

			/* Delete the seperator char and any leading space. */
			*sep = '\0';
			sep++;







|







279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
		/* Find the command and the data in the line. */
		sep = strpbrk(linebuf_ptr, " \t");
		if (sep != NULL) {
			cmdend = sep;

			/* Delete space at the end of the command. */
			cmdend--; /* It currently derefs to the seperator.. */
			while (*cmdend <= ' ' && cmdend >= sep) {
				*cmdend = '\0';
				cmdend--;
			}

			/* Delete the seperator char and any leading space. */
			*sep = '\0';
			sep++;

Modified conf_section.c from [291ca9d7b9] to [21e783ce9c].

135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
			fprintf(stderr, "Invalid line: \"%s\"\n", linebuf);
#endif
			continue;
		}

		/* Delete space at the end of the command. */
		cmdend--; /* It currently derefs to the seperator.. */
		while (*cmdend <= ' ') {
			*cmdend = '\0';
			cmdend--;
		}

		cmd = linebuf_ptr;

		/* Delete the seperator char and any leading space. */







|







135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
			fprintf(stderr, "Invalid line: \"%s\"\n", linebuf);
#endif
			continue;
		}

		/* Delete space at the end of the command. */
		cmdend--; /* It currently derefs to the seperator.. */
		while (*cmdend <= ' ' && cmdend >= sep) {
			*cmdend = '\0';
			cmdend--;
		}

		cmd = linebuf_ptr;

		/* Delete the seperator char and any leading space. */