I just released 1.3d which fixes this and one other bug.
Niels.
On 8/14/07, Niels Provos <[EMAIL PROTECTED]> wrote:
> This has been fixed in trunk already. There is going to be a new
> release soon - I have been traveling for the last week. This was a
> pretty dumb bug and shows why unittesting is really important.
>
> Niels.
>
> On 8/13/07, Charles Kerr <[EMAIL PROTECTED]> wrote:
> > 1.3c's evhttp_add_header() function has a pretty nasty bug that
> > can cause valid headers to be rejected out of hand, and also can
> > cause parsing of incoming messages to fail. The problem is
> > that strchr() is being passed two strings, rather than a string
> > and a character.
> >
> > --- http.c.bak 2007-08-13 22:51:30.000000000 -0500
> > +++ http.c 2007-08-13 22:51:44.000000000 -0500
> > @@ -1122,7 +1122,7 @@
> > {
> > struct evkeyval *header;
> >
> > - if (strchr(value, "\r") != NULL || strchr(value, "\n") != NULL) {
> > + if (strchr(value, '\r') != NULL || strchr(value, '\n') != NULL) {
> > /* drop illegal headers */
> > return (-1);
> > }
> >
> > cheers,
> > Charles
> > _______________________________________________
> > Libevent-users mailing list
> > Libevent-users@monkey.org
> > http://monkey.org/mailman/listinfo/libevent-users
> >
> >
>
_______________________________________________
Libevent-users mailing list
Libevent-users@monkey.org
http://monkey.org/mailman/listinfo/libevent-users
