From: Jeff Trawick Date: Tue, 12 Mar 2002 11:48:32 +0000 (+0000) Subject: add a comment to point out a potential segfault X-Git-Tag: CHANGES~127 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=89c2a4602039fee26d8c8c0cb934edf4afc392d1;p=apache add a comment to point out a potential segfault tweak an existing comment to make it a little more clear git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@93853 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/modules/mappers/mod_negotiation.c b/modules/mappers/mod_negotiation.c index 70cc1a01bf..376e01183e 100644 --- a/modules/mappers/mod_negotiation.c +++ b/modules/mappers/mod_negotiation.c @@ -804,6 +804,10 @@ static apr_off_t get_body(char *buffer, apr_size_t *len, const char *tag, if (apr_file_read(map, buffer, len) != APR_SUCCESS) { return -1; } + /* XXX next line can go beyond allocated storage and segfault, + * or worse yet go beyond data read but not beyond allocated + * storage and think it found the tag + */ endbody = strstr(buffer, tag); if (!endbody) { return -1; @@ -824,7 +828,7 @@ static apr_off_t get_body(char *buffer, apr_size_t *len, const char *tag, return -1; } - /* Give the caller back the actual body's offset and length */ + /* Give the caller back the actual body's file offset and length */ *len = bodylen; return pos - (endbody - buffer); }