Re: thttpd 2.04 released (fwd)

[rhialto () POLDER UBC KUN NL (Olaf Seibert)]

Marc Slemko <marcs () ZNEP COM> forwarded this from Jef Poskanzer <jef () acme com>:
> *** /tmp/,RCSt101alaP   Mon Aug 10 19:09:49 1998
> --- libhttpd.c  Mon Aug 10 19:09:31 1998
> ***************
> *** 975,980 ****
> --- 975,986 ----
>       (void) strcpy( rest, path );
>       if ( rest[restlen - 1] == '/' )
>         rest[--restlen] = '\0';         /* trim trailing slash */
> +     /* Remove any leading slashes. */
> +     while ( rest[0] == '/' )
> +       {
> +       (void) strcpy( rest, &(rest[1]) );
> +       --restlen;
> +       }
>       r = rest;
>       nlinks = 0;

I'm afraid this is incorrect too but in a more subtle manner. You cannot
use strcpy to copy overlapping strings, as is done here. (Proving this from
the ISO C standard is left as an exercise for the reader).

Use memmove(rest, &rest[1], restlen+1-1) instead. (+1 to include the \0
terminator, -1 because we copy a string that's 1 character shorter than
rest.)

-Olaf.
--
___ Olaf 'Rhialto' Seibert - rhialto () polder ubc. ---- Unauthorized duplication,
\X/ .kun.nl ---- while sometimes necessary, is never as good as the real thing.