On Sun, Jan 18, 2009 at 11:22:27AM +0800, Spike Spiegel wrote:
the comment should be removed since the +1 is there:
+ /* +1 not needed as q-p is already accounting for that */
+ element = malloc(len + 1);
Committed revision 1950
other than that looks good to me.
could you
On Tue, Jan 13, 2009 at 11:41:19PM +0800, Spike Spiegel wrote:
=== DoS attacks
1) Given REQUESTLEN=2048, and 3 characters to be the minimum to craft a valid
and nonexistent path /x, with the above feature implemented it would be
possible to trigger 2048/3 calls to process_path which would
On Sun, Jan 18, 2009 at 7:35 PM, Carlo Marcelo Arenas Belon
care...@sajinet.com.pe wrote:
other than that looks good to me.
could you check the simplified one?, this problem was introduced in
2003 and therefore affects all versions of ganglia since then (including
2.5.7 which is not supported
On Sun, Jan 18, 2009 at 09:53:32PM +0800, Spike Spiegel wrote:
On Sun, Jan 18, 2009 at 7:35 PM, Carlo Marcelo Arenas Belon
care...@sajinet.com.pe wrote:
other than that looks good to me.
could you check the simplified one?, this problem was introduced in
2003 and therefore affects all
On Mon, Jan 19, 2009 at 5:44 AM, Carlo Marcelo Arenas Belon
care...@sajinet.com.pe wrote:
agree, but that is to be done in the context of getting multi-patch
committed and backported, but not in fixing this buffer overflow in the
interactive port, which is what BUG223 is about.
ok, guess I'll
