[prev in list] [next in list] [prev in thread] [next in thread]
List: helix-server-cvs
Subject: [Server-cvs] access/auth/ppvbasic ppvbasic.cpp,1.4,1.4.28.1
From: dcollins () helixcommunity ! org
Date: 2011-02-19 2:57:08
Message-ID: 201102190256.p1J2ut45006750 () mailer ! progressive-comp ! com
[Download RAW message or body]
Update of /cvsroot/server/access/auth/ppvbasic
In directory cvs01.internal.helixcommunity.org:/tmp/cvs-serv22539/server/access/auth/ppvbasic
Modified Files:
Tag: SERVER_14_2
ppvbasic.cpp
Log Message:
Synopsis
========
Fix a CA in CPPVText::GetRedirect() (related to PR 269038)
Branches: HEAD, SERVER_14_2_RN
Reviewer: Chytanya
Description
===========
Fix a CA in CPPVText::GetRedirect() (related to PR 269038)
Files Affected
==============
server/access/auth/ppvbasic/ppvbasic.cpp
Testing Performed
=================
Unit Tests:
- N/A
Integration Tests:
- Tested using the helix-poc.py script in the PR, modified as described in the PR.
Leak Tests:
- N/A
Performance Tests:
- N/A
Platforms Tested: linux-rhel5-x86_64
Builds Verified: linux-rhel5-x86_64
QA Hints
========
- Fix affects PPV on all platforms.
Index: ppvbasic.cpp
===================================================================
RCS file: /cvsroot/server/access/auth/ppvbasic/ppvbasic.cpp,v
retrieving revision 1.4
retrieving revision 1.4.28.1
diff -u -d -r1.4 -r1.4.28.1
--- ppvbasic.cpp 21 Mar 2008 04:46:05 -0000 1.4
+++ ppvbasic.cpp 19 Feb 2011 02:57:05 -0000 1.4.28.1
@@ -2389,16 +2389,17 @@
return HXR_FAIL;
}
+#define PPVTEMPBUFSIZE 4095
STDMETHODIMP
CPPVText::GetRedirect(const char* pURL, char* pURLRedirect, UINT32 ulLen)
{
int f;
- char pTemp[4096] = { 0 };
- char pTemp2[4096] = { 0 };
+ char pTemp[PPVTEMPBUFSIZE+1] = { 0 };
+ char pTemp2[PPVTEMPBUFSIZE+1] = { 0 };
char* pTempC = pTemp;
- for(int i = 0; pURL[i]; i++)
+ for(int i = 0; pURL[i] && pTempC - pTemp < PPVTEMPBUFSIZE - 3; i++)
{
if ((pURL[i] == '/') || (pURL[i] == '\\') || (pURL[i] == '+'))
{
@@ -2409,7 +2410,8 @@
*(pTempC++) = pURL[i];
}
- sprintf (pTemp2, "%-.500s/redirect/%-.500s", \
(char*)m_StringDBLocation.GetBuffer(0), pTemp); + snprintf (pTemp2, \
PPVTEMPBUFSIZE, "%-.500s/redirect/%-.500s", (char*)m_StringDBLocation.GetBuffer(0), \
pTemp); + pTemp2[PPVTEMPBUFSIZE] = '\0';
f = open(pTemp2, O_RDONLY);
if (f >= 0)
_______________________________________________
Server-cvs mailing list
Server-cvs@helixcommunity.org
http://lists.helixcommunity.org/mailman/listinfo/server-cvs
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic