Martin Kraemer wrote:
> Hi.
>
> While looking at ajp_header.c, I realized that its method of parsing
> the header line tokens is flakey: it uses memcmp() to check, e.g.,
> whether the header token is "Accept-Charset:", by uppercasing the
> token name (-> "ACCEPT-CHARSET"), then compares the initial "ACCEPT-"
> prefix, and then tests:
> if (memcmp(p, "CHARSET", 7) == 0) return SC_ACCEPT_CHARSET;
> but does not verify that the end of the token has been reached.
>
> Thus, a header
> Accept-CharsetXXX-Blah: utf-8
> would be mistaken for an "Accept-Charset: utf-8".
>
> Same goes for a couple of other header names.
> The patch replaces the memcmp by a strcmp to check for the trailing
> NIL character, too.
>
> Also, IMO it is better to replace memcmp by strncasecmp in the test
> - if (memcmp(stringname, "Content-Type", 12) == 0) {
> + if (strncasecmp(stringname, "Content-Type", 12) == 0) {
>
> WDYT?
+1 mod_jk fixed it by additing one to each length, that is probably more
efficent, no?
Cheers
Jean-Frederic
>
> Martin
>
