Hi all,
While using cgilib, I've run into two bugs that appear to still exist in the
repository that is browseable from your website, so I thought you would like
to know about them. Patches are included.
First, there is a spurious 'extern' keyword just prior to the closing brace of
the conditionally-compiled extern block in cgi.h. This causes C++ programs
using cgilib to fail to compile. The first patch removes this.
Second, in the cgiSetHeader function in cgi.c, there is an off-by-one error in
the third (length) argument supplied to strncpy. Unlike strncat, strncpy is
not guaranteed to produce a nul-terminated string if there is no nul byte
found in the source string before reaching the maximum length specified.
Since strncat is called on a string that was just previously assigned to point
into uninitialized memory, it often ends up _not_ being nul-terminated and
causes segmentation faults. The second patch fixes the off-by-one error.
-- Tyler McHenry
This archive was generated by hypermail 2.2.0 : Sat Jun 13 2009 - 03:19:22 CEST