jk_msg_buff.c

mturk Tue, 07 Oct 2008 09:19:30 -0700

Author: mturk
Date: Tue Oct  7 09:18:36 2008
New Revision: 702531

URL: http://svn.apache.org/viewvc?rev=702531&view=rev
Log:
Get rid of invalid sting message parsing. We should mark the entire message as 
invalid. At least we presume in ajp_common that get_bytes can return NULL in 
overflow case


Modified:
    tomcat/connectors/trunk/jk/native/common/jk_msg_buff.c

Modified: tomcat/connectors/trunk/jk/native/common/jk_msg_buff.c
URL: 
http://svn.apache.org/viewvc/tomcat/connectors/trunk/jk/native/common/jk_msg_buff.c?rev=702531&r1=702530&r2=702531&view=diff
==============================================================================
--- tomcat/connectors/trunk/jk/native/common/jk_msg_buff.c (original)
+++ tomcat/connectors/trunk/jk/native/common/jk_msg_buff.c Tue Oct  7 09:18:36 
2008
@@ -275,8 +275,10 @@
     int start = msg->pos;
 
     if ((size == 0xFFFF) || (size + start > msg->maxlen)) {
-        /* TODO: return NULL and deal with that in the code */
-        return (unsigned char *)"ERROR";
+        /* Error of overflow in AJP packet.
+         * The complete message is probably invalid.
+         */
+        return NULL;
     }
 
     msg->pos += size;



---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r702531 - /tomcat/connectors/trunk/jk/native/common/jk_msg_buff.c

Reply via email to