https://bz.apache.org/bugzilla/show_bug.cgi?id=64727
Bug ID: 64727
Summary: NPD bug caused by function dav_fs_dir_file_name
Product: Apache httpd-2
Version: 2.4-HEAD
Hardware: PC
OS: Mac OS X 10.1
Status: NEW
Severity: normal
Priority: P2
Component: mod_dav
Assignee: [email protected]
Reporter: [email protected]
CC: [email protected]
Target Milestone: ---
Created attachment 37441
--> https://bz.apache.org/bugzilla/attachment.cgi?id=37441&action=edit
Clear explanation of bug trace
Hi guys,
We have found a NULL Pointer Dereference Bug as follows.
Bug description: `dav_buffer_append` dereferences `str` at line 155 in
`modules/dav/main/util.c`, while `str` is potentially empty string
Root cause: `*fname_p = NULL` in the function `dav_fs_dir_file_name` defined in
`modules/dav/fs/repos.c`
It would be better if `str` is checked to determined whether it is NULL or not
exactly before line 155. For the convenience, we attach the calling traces in
the attachements. The marks can demonstrate that it is a true bug.
Looking forward to your reply. Hope it can be fixed to assure the security and
quality of the software. Thank you for your effort and have a nice day.
Best regards
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
