From 89c2a4602039fee26d8c8c0cb934edf4afc392d1 Mon Sep 17 00:00:00 2001 From: Jeff Trawick Date: Tue, 12 Mar 2002 11:48:32 +0000 Subject: [PATCH] add a comment to point out a potential segfault tweak an existing comment to make it a little more clear git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@93853 13f79535-47bb-0310-9956-ffa450edef68 --- modules/mappers/mod_negotiation.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/modules/mappers/mod_negotiation.c b/modules/mappers/mod_negotiation.c index 70cc1a01bf..376e01183e 100644 --- a/modules/mappers/mod_negotiation.c +++ b/modules/mappers/mod_negotiation.c @@ -804,6 +804,10 @@ static apr_off_t get_body(char *buffer, apr_size_t *len, const char *tag, if (apr_file_read(map, buffer, len) != APR_SUCCESS) { return -1; } + /* XXX next line can go beyond allocated storage and segfault, + * or worse yet go beyond data read but not beyond allocated + * storage and think it found the tag + */ endbody = strstr(buffer, tag); if (!endbody) { return -1; @@ -824,7 +828,7 @@ static apr_off_t get_body(char *buffer, apr_size_t *len, const char *tag, return -1; } - /* Give the caller back the actual body's offset and length */ + /* Give the caller back the actual body's file offset and length */ *len = bodylen; return pos - (endbody - buffer); } -- 2.40.0