Rainer, On 5/31/14, 8:12 AM, rj...@apache.org wrote: > Author: rjung > Date: Sat May 31 12:12:36 2014 > New Revision: 1598864 > > URL: http://svn.apache.org/r1598864 > Log: > Reduce log level for "OPTIONS *" requests > from warning to debug. > > Modified: > tomcat/jk/trunk/native/common/jk_uri_worker_map.c > tomcat/jk/trunk/xdocs/miscellaneous/changelog.xml > > Modified: tomcat/jk/trunk/native/common/jk_uri_worker_map.c > URL: > http://svn.apache.org/viewvc/tomcat/jk/trunk/native/common/jk_uri_worker_map.c?rev=1598864&r1=1598863&r2=1598864&view=diff > ============================================================================== > --- tomcat/jk/trunk/native/common/jk_uri_worker_map.c (original) > +++ tomcat/jk/trunk/native/common/jk_uri_worker_map.c Sat May 31 12:12:36 2014 > @@ -1093,8 +1093,14 @@ const char *map_uri_to_worker_ext(jk_uri > if (index) > *index = -1; > if (*uri != '/') { > - jk_log(l, JK_LOG_WARNING, > - "Uri %s is invalid. Uri must start with /", uri); > + if (*uri == '*' && *(uri+1) == '\0' && JK_IS_DEBUG_LEVEL(l)) {
Potential buffer-read overflow? I'm not sure how else we'd check for string-length, since 'uri' is char* and does not come with an accompanying length parameter, so the only way to check for length would be to explicitly search for \0, which is what you are doing, here. Any reason not to use strcmp instead of manually dereferencing? Performance is a bit of a factor, but manual dereferencing is more error prone. I also agree with Konstantin's review: you need a separate if for the DEBUG log-level check. -chris
signature.asc
Description: OpenPGP digital signature
