Fix possible buffer overflow situation in suexec.c.
PS: The PR#2790 provides a few more fixes for problematic things in suexec.c. Because we have to be very carefully here, other should review them, too. That's why I commit only some of the fixes from this patch. The other problem we _really_ have to fix is the docroot-check at line 428. But here the patch from the PR submitter seems to introduce a new problem: It accesses cwd[dlen] which can be out of memory bounds. Here memory bounds have to checked first. So, I would appreciate when someothers look at PR#2790, please. At least the docroot-check _has_ to be fixed by us! But correctly, i.e. without introducing new problems, of course ;_) Submitted by: Jeff Stewart <jws@purdue.edu> Reviewed by: Ralf S. Engelschall PR: 2790 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@82028 13f79535-47bb-0310-9956-ffa450edef68
Please register or sign in to comment