The code change was brought to my attention by sans.org (for vulnerability CVE 2007-0774). No offense intended but the fix seems a little inefficient.
It shows the fix coded as:

    for (i = 0; i < strlen(uri); i++) {
        if (i == JK_MAX_URI_LEN) {
            jk_log(l, JK_LOG_WARNING,
                   "Uri %s is invalid. Uri must be smaller then %d chars",
                   uri, JK_MAX_URI_LEN);
            JK_TRACE_EXIT(l);
            return NULL;
        }
        if (uri[i] == ';')
            break;
        else
            url[i] = uri[i];
    }

Wouldn't it be better to be coded as something like this?

    int uriLen = strlen( uri );
    if ( uriLen >= JK_MAX_URI_LEN) {
        jk_log(l, JK_LOG_WARNING,
               "Uri %s is invalid. Uri must be smaller then %d chars",
               uri, JK_MAX_URI_LEN);
        JK_TRACE_EXIT(l);
        return NULL;
    }
    for (i = 0; i < uriLen; i++) {
        if (uri[i] == ';')
            break;
        else
            url[i] = uri[i];
    }

The check would then only be done once instead of for each character. Not sure about logging the whole thing either but I'm just an observer.

Sorry but I'm not ready to dive in and make the change myself at this time.

...chris.
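The two loop shapes discussed in the message, compared side by side as an added example (not the project's code and not the poster's). A small constructed MAX_URI_LEN stands in for JK_MAX_URI_LEN; the function names, return codes and NUL terminator are assumptions of this demo. On the constructed URIs both variants stay inside the buffer, and they differ only in which inputs they reject: the up-front check looks at the whole string, the per-character check only at the part before ';'.

```c
#include <stdio.h>
#include <string.h>

#define MAX_URI_LEN 16 /* constructed small limit for the demo, not the project's value */

/* Same checks in the same order as the loop quoted in the message, with the
 * strlen() call in the loop condition replaced by a test for the NUL byte.
 * Returns bytes copied, or -1 if the part before ';' reaches MAX_URI_LEN. */
int copy_per_char(const char *uri, char url[MAX_URI_LEN + 1])
{
    size_t i;
    for (i = 0; uri[i] != '\0'; i++) {
        if (i == MAX_URI_LEN)
            return -1;
        if (uri[i] == ';')
            break;
        url[i] = uri[i];
    }
    url[i] = '\0'; /* terminator added for this demo */
    return (int)i;
}

/* Length checked once up front, as in the variant proposed in the message.
 * Returns bytes copied, or -1 if the whole URI is MAX_URI_LEN or longer. */
int copy_hoisted(const char *uri, char url[MAX_URI_LEN + 1])
{
    size_t i, len = strlen(uri);
    if (len >= MAX_URI_LEN)
        return -1;
    for (i = 0; i < len && uri[i] != ';'; i++)
        url[i] = uri[i];
    url[i] = '\0'; /* terminator added for this demo */
    return (int)i;
}

int main(void)
{
    /* Constructed sample URIs. */
    const char *samples[] = { "/app/index.jsp", "/a;jsessionid=0123456789ABCDEF",
                              "/0123456789abcde", "/0123456789abcdef" };
    char a[MAX_URI_LEN + 1], b[MAX_URI_LEN + 1];
    for (size_t k = 0; k < sizeof samples / sizeof samples[0]; k++)
        printf("%-32s per-char=%d hoisted=%d\n", samples[k],
               copy_per_char(samples[k], a), copy_hoisted(samples[k], b));
    return 0;
}
```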