dgaudet 97/12/20 15:44:31
Modified: src CHANGES src/main http_protocol.c Log: Fix memory corruption caused by allocating auth usernames in the wrong pool. PR: 1500 Reviewed by: Martin Kraemer, Jim Jagielski Revision Changes Path 1.533 +3 -0 apachen/src/CHANGES Index: CHANGES =================================================================== RCS file: /export/home/cvs/apachen/src/CHANGES,v retrieving revision 1.532 retrieving revision 1.533 diff -u -r1.532 -r1.533 --- CHANGES 1997/12/19 23:52:58 1.532 +++ CHANGES 1997/12/20 23:44:28 1.533 @@ -1,5 +1,8 @@ Changes with Apache 1.3b4 + *) Fix memory corruption caused by allocating auth usernames in the + wrong pool. [Dean Gaudet] PR#1500 + *) Fix an off-by-1, and an unterminated string error in mod_mime_magic. [Dean Gaudet] 1.170 +5 -1 apachen/src/main/http_protocol.c Index: http_protocol.c =================================================================== RCS file: /export/home/cvs/apachen/src/main/http_protocol.c,v retrieving revision 1.169 retrieving revision 1.170 diff -u -r1.169 -r1.170 --- http_protocol.c 1997/11/01 22:24:08 1.169 +++ http_protocol.c 1997/12/20 23:44:30 1.170 @@ -952,7 +952,11 @@ } t = uudecode(r->pool, auth_line); - r->connection->user = getword_nulls_nc(r->pool, &t, ':'); + /* Note that this allocation has to be made from r->connection->pool + * because it has the lifetime of the connection. The other allocations + * are temporary and can be tossed away any time. + */ + r->connection->user = getword_nulls_nc (r->connection->pool, &t, ':'); r->connection->auth_type = "Basic"; *pw = t;