Bugtraq mailing list archives
Re: thttpd 2.04 released (fwd)
From: rhialto () POLDER UBC KUN NL (Olaf Seibert)
Date: Thu, 20 Aug 1998 12:39:31 +0200
Marc Slemko <marcs () ZNEP COM> forwarded this from Jef Poskanzer <jef () acme com>:
*** /tmp/,RCSt101alaP Mon Aug 10 19:09:49 1998 --- libhttpd.c Mon Aug 10 19:09:31 1998 *************** *** 975,980 **** --- 975,986 ---- (void) strcpy( rest, path ); if ( rest[restlen - 1] == '/' ) rest[--restlen] = '\0'; /* trim trailing slash */ + /* Remove any leading slashes. */ + while ( rest[0] == '/' ) + { + (void) strcpy( rest, &(rest[1]) ); + --restlen; + } r = rest; nlinks = 0;
I'm afraid this is incorrect too but in a more subtle manner. You cannot use strcpy to copy overlapping strings, as is done here. (Proving this from the ISO C standard is left as an exercise for the reader). Use memmove(rest, &rest[1], restlen+1-1) instead. (+1 to include the \0 terminator, -1 because we copy a string that's 1 character shorter than rest.) -Olaf. -- ___ Olaf 'Rhialto' Seibert - rhialto () polder ubc. ---- Unauthorized duplication, \X/ .kun.nl ---- while sometimes necessary, is never as good as the real thing.
Current thread:
- Re: thttpd 2.04 released (fwd) Olaf Seibert (Aug 20)