Re: gwlib/http.c patch

2009-03-30 Thread Alexander Malysh
hi, yes, you are right, commited to cvs ;) Thanks, Alex Am 30.03.2009 um 16:50 schrieb Vincent CHAVANIS: We should in that case also patch *http_header_value() Vincent. Alexander Malysh a écrit : hi, yes, you are right here. it doesn't crash only due to the octstr_copy length adjust.

Re: gwlib/http.c patch

2009-03-30 Thread Nikos Balkanas
By all means! Good eyes. +1 Nikos - Original Message - From: "Vincent CHAVANIS" To: Sent: Monday, March 30, 2009 5:50 PM Subject: Re: gwlib/http.c patch We should in that case also patch *http_header_value() Vincent. Alexander Malysh a ιcrit : hi, yes, you are righ

Re: gwlib/http.c patch

2009-03-30 Thread Vincent CHAVANIS
We should in that case also patch *http_header_value() Vincent. Alexander Malysh a écrit : hi, yes, you are right here. it doesn't crash only due to the octstr_copy length adjust. Patch applied to cvs. Thanks, Alex Am 27.03.2009 um 18:30 schrieb Nikos Balkanas: Hi, A small patch tha

Re: gwlib/http.c patch

2009-03-29 Thread Alexander Malysh
hi, yes, you are right here. it doesn't crash only due to the octstr_copy length adjust. Patch applied to cvs. Thanks, Alex Am 27.03.2009 um 18:30 schrieb Nikos Balkanas: Hi, A small patch that left as it is should lead to memory corruption. I have not tested the broken code but it see

Re: gwlib/http.c patch

2009-03-27 Thread Nikos Balkanas
the end. Unfortunately, I don't have time for a test right now, it will take a couple of weeks before I can do it, however it is seems pretty obvious to me. BR, Nikos - Original Message - From: "Stipe Tolj" Cc: Sent: Friday, March 27, 2009 10:47 PM Subject: Re:

Re: gwlib/http.c patch

2009-03-27 Thread Stipe Tolj
Nikos Balkanas schrieb: > > The mistake here is that this is done with memcpy, which will copy all > bits without checking. It is not writing, therefore no memory > corruption, as I stated, but the copied data in Octstr is invalid and > has the wrong length. Not a biggie if you are using it as a C

Re: gwlib/http.c patch

2009-03-27 Thread Nikos Balkanas
if you use it as Octstr. BR, Nikos - Original Message - From: "Vincent CHAVANIS" To: "Nikos Balkanas" Cc: Sent: Friday, March 27, 2009 10:05 PM Subject: Re: gwlib/http.c patch Hi nikos, I could not understand this patch !? If `from+len' is after th

Re: gwlib/http.c patch

2009-03-27 Thread Vincent CHAVANIS
Hi nikos, I could not understand this patch !? If `from+len' is after the end of `ostr', `len' is reduced appropriately. So what's wrong here ? Vincent. Nikos Balkanas a écrit : Hi, A small patch that left as it is should lead to memory corruption. I have not tested the broken code but it

gwlib/http.c patch

2009-03-27 Thread Nikos Balkanas
Hi, A small patch that left as it is should lead to memory corruption. I have not tested the broken code but it seems quite obvious to me. Please vote & decide. BR, Nikos http.diff Description: Binary data