Re: Solaris sed based apache filtering module (mod_sed)

Wed, 30 Apr 2008 12:03:01 -0700 

Fixed the following 2 bugs :
1. ycomp may use uninitialized memory (This might have result in apache
   crash when used with y// sed commands).
2. Fixed windows compilation issue (Thanks to Steffen <[EMAIL PROTECTED]> for 
providing
   the patch).

List of affected files :
regexp.c mod_sed.c sed0.c

Code has been updated and can be obtained by mercurial as :
$ hg clone ssh://[EMAIL PROTECTED]/hg/webstack/mod_sed

It should soon be visible at :
http://src.opensolaris.org/source/xref/webstack/mod_sed/

Diff is attached.

Regards,
Basant.

--------------------------------------------------------------
diff -r 1a157e46cd86 mod_sed.c
--- a/mod_sed.c Thu Apr 24 17:26:08 2008 -0700
+++ b/mod_sed.c Wed Apr 30 11:50:54 2008 -0700
@@ -79,6 +79,7 @@ static void flush_output_buffer(sed_filt
 {
     int size = ctx->curoutbuf - ctx->outbuf;
     char *out;
+    apr_bucket *b;
     if (size + sz <= 0)
         return;
     out = apr_palloc(ctx->r->pool, size + sz);
@@ -90,8 +91,8 @@ static void flush_output_buffer(sed_filt
     }
     /* Reset the output buffer position */
     ctx->curoutbuf = ctx->outbuf;
-    apr_bucket *b = apr_bucket_pool_create(out, size + sz, ctx->r->pool,
-                                           ctx->r->connection->bucket_alloc);
+    b = apr_bucket_pool_create(out, size + sz, ctx->r->pool,
+                               ctx->r->connection->bucket_alloc);
     APR_BRIGADE_INSERT_TAIL(ctx->bb, b);
 }

diff -r 1a157e46cd86 regexp.c
--- a/regexp.c  Thu Apr 24 17:26:08 2008 -0700
+++ b/regexp.c  Wed Apr 30 11:50:54 2008 -0700
@@ -307,7 +307,7 @@ char *sed_compile(sed_commands_t *comman
                     if (cflg++)
                         SEDCOMPILE_ERROR(44);
                     if ((c = GETC()) == '\\')
-                        *ep++ = 255;
+                        *ep++ = (char) 255;
                     else {
                         UNGETC(c);
                         goto nlim;
diff -r 1a157e46cd86 sed0.c
--- a/sed0.c    Thu Apr 24 17:26:08 2008 -0700
+++ b/sed0.c    Wed Apr 30 11:50:54 2008 -0700
@@ -68,7 +68,7 @@ apr_status_t sed_init_commands(sed_comma
     commands->lab = commands->labtab + 1;
     commands->pool = p;

-    commands->respace = apr_palloc(p, RESIZE);
+    commands->respace = apr_pcalloc(p, RESIZE);
     if (commands->respace == NULL) {
         command_errf(commands, SEDERR_OOMMES);
         return APR_EGENERAL;
@@ -945,6 +945,7 @@ static char *ycomp(sed_commands_t *comma
         }
     }
     tsp++;
+    memset(ep, 0, 0400);

     while((c = *sp++) != commands->sseof) {
         c &= 0377;

Reply via email to