Hi, Guenter Knauf schrieb: > another problem I see here is that MAX_STRING_LEN = 8192 bytes, that > means that already 6*8k are allocated from stack which is a problem at > least on NetWare, as already discussed here back in 2001: > http://mail-archives.apache.org/mod_mbox/httpd-dev/200107.mbox/%[email protected]%3e > I think for such things like username, password, realm we dont need to > expect more than 256 bytes, but even if we want to be super-save it > would be enough to reserve 512 bytes; so cant we introduce a new define > like: > #define SMALL_STRING_LEN 256 > and use this instead within the auth modules for username, password, realm? > 1,5k <-> 48k is a huge difference ... just to carify: it was more that I thought I post about this when I saw the MAX_STRING_LEN * X usage - here in this special case with htdigest.c its most likely not a problem since its only a support program; however I did a wuick search through sources, and found some other places in auth modules (not looked yet further) where I expect this more critical.
Gün.
