From: Paul Querna Date: Sat, 10 Jul 2004 07:18:50 +0000 (+0000) Subject: Small fix on ab's use of sprintf(). X-Git-Tag: pre_ajp_proxy~85 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=7dbfadb1b1f5a07db0052d8a10d1c229224bff15;p=apache Small fix on ab's use of sprintf(). PR: 28204 Submitted by: Erik Weide git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@104217 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index fd766ebcc4..29cea60dcb 100644 --- a/CHANGES +++ b/CHANGES @@ -2,6 +2,9 @@ Changes with Apache 2.1.0-dev [Remove entries to the current 2.0 section below, when backported] + *) ab: Handle long URLs with an error instead of an buffer overflow. + PR 28204. [Erik Weide , Paul Querna] + *) mod_so, core: Add new command line options to print all loaded modules. '-t -D DUMP_MODULES' and '-M' will show all static and shared modules as loaded from the configuration file. diff --git a/support/ab.c b/support/ab.c index 1737919059..c623a141b2 100644 --- a/support/ab.c +++ b/support/ab.c @@ -313,7 +313,7 @@ int err_response = 0; apr_time_t start, endtime; /* global request (and its length) */ -char _request[512]; +char _request[2048]; char *request = _request; apr_size_t reqlen; @@ -1536,6 +1536,7 @@ static void test(void) apr_int16_t rv; long i; apr_status_t status; + int snprintf_res = 0; #ifdef NOT_ASCII apr_size_t inbytes_left, outbytes_left; #endif @@ -1570,7 +1571,8 @@ static void test(void) /* setup request */ if (posting <= 0) { - sprintf(request, "%s %s HTTP/1.0\r\n" + snprintf_res = apr_snprintf(request, sizeof(_request), + "%s %s HTTP/1.0\r\n" "User-Agent: ApacheBench/%s\r\n" "%s" "%s" "%s" "Host: %s%s\r\n" @@ -1583,7 +1585,8 @@ static void test(void) cookie, auth, host_field, colonhost, hdrs); } else { - sprintf(request, "POST %s HTTP/1.0\r\n" + snprintf_res = apr_snprintf(request, sizeof(_request), + "POST %s HTTP/1.0\r\n" "User-Agent: ApacheBench/%s\r\n" "%s" "%s" "%s" "Host: %s%s\r\n" @@ -1599,6 +1602,9 @@ static void test(void) host_field, colonhost, postlen, (content_type[0]) ? content_type : "text/plain", hdrs); } + if (snprintf_res >= sizeof(_request)) { + err("Request too long\n"); + } if (verbosity >= 2) printf("INFO: POST header == \n---\n%s\n---\n", request); @@ -1789,14 +1795,14 @@ static void test(void) static void copyright(void) { if (!use_html) { - printf("This is ApacheBench, Version %s\n", AP_AB_BASEREVISION " <$Revision: 1.145 $> apache-2.0"); + printf("This is ApacheBench, Version %s\n", AP_AB_BASEREVISION " <$Revision: 1.146 $> apache-2.0"); printf("Copyright (c) 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/\n"); printf("Copyright (c) 1998-2002 The Apache Software Foundation, http://www.apache.org/\n"); printf("\n"); } else { printf("

\n"); - printf(" This is ApacheBench, Version %s <%s> apache-2.0
\n", AP_AB_BASEREVISION, "$Revision: 1.145 $"); + printf(" This is ApacheBench, Version %s <%s> apache-2.0
\n", AP_AB_BASEREVISION, "$Revision: 1.146 $"); printf(" Copyright (c) 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
\n"); printf(" Copyright (c) 1998-2002 The Apache Software Foundation, http://www.apache.org/
\n"); printf("

\n

\n");