Date: Tue, 6 Feb 2001 16:30:07 -0800 (PST) From: "Scot W. Hetzel" <hetzels@westbend.net> To: freebsd-ports@FreeBSD.org Subject: Re: ports/24912: www/apache13-fp has buggy mod_frontpage.c Message-ID: <200102070030.f170U7Q17277@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR ports/24912; it has been noted by GNATS. From: "Scot W. Hetzel" <hetzels@westbend.net> To: <matt@gsicomp.on.ca>, <FreeBSD-gnats-submit@FreeBSD.ORG> Cc: Subject: Re: ports/24912: www/apache13-fp has buggy mod_frontpage.c Date: Tue, 6 Feb 2001 18:25:56 -0600 From: <matt@gsicomp.on.ca> > >Description: > > Line 637 of mod_frontpage.c has a sprintf() statement which has three > format modifiers (%-.0124s, %d, %d) but only provides TWO variables > which causes sprintf() to segfault. > No, it only has two format modifiers, \"\%-.0124s\" is not supposed to be a format modifier in this sprintf command, instead it is supposed to be used as a format modifier in the "LogFrontPageError" routine. > The format modifier '%-.0124s' is also obviously incorrect, and > should be '%-.1024s' instead. > Yes, it should be 1024 instead of 0124. > --- files/mod_frontpage.c.orig Tue Feb 6 16:49:05 2001 > +++ files/mod_frontpage.c Tue Feb 6 16:49:28 2001 > @@ -634,7 +634,7 @@ > * the owners and groups of both directories to match, and have both a > * uid and gid in the allowable range. > */ > - sprintf(szFormat, "Incorrect permissions on webroot \"\%-.0124s\" and webroot's _vti_pvt directory, the owners and groups must match and have a uid >= %d and gid >= %d", LOWEST_VALID_UID, LOWEST_VALID_GID); The purpose of this sprintf statement is to put the LOWST_VALID_[UID|GID] into szFormat. > LogFrontPageError(r->server, szFormat, > szBuf, "FrontPageAlias()", FALSE); > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200102070030.f170U7Q17277>