Browse Source

[buffer] fix length check in buffer_is_equal_right_len

buffer_is_equal_right_len didn't check the length of the second
  buffer. as all calls in lighttpd used the length of the second buffer
  as length parameter those calls were not broken.

From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2946 152afb58-edef-0310-8abb-c4023f1b3aa9
svn/tags/lighttpd-1.4.35
Stefan Bühler 8 years ago
parent
commit
bf10267807
  1. 1
      NEWS
  2. 2
      src/buffer.c

1
NEWS

@ -12,6 +12,7 @@ NEWS
* [mod_magnet] fix memory leak
* add comments for switch fall throughs
* remove logical dead code
* [buffer] fix length check in buffer_is_equal_right_len
- 1.4.34
* [mod_auth] explicitly link ssl for SHA1 (fixes #2517)

2
src/buffer.c

@ -584,7 +584,7 @@ int buffer_is_equal_right_len(buffer *b1, buffer *b2, size_t len) {
if (b1->used == 0 || b2->used == 0) return 0;
/* buffers too small -> not equal */
if (b1->used - 1 < len || b1->used - 1 < len) return 0;
if (b1->used - 1 < len || b2->used - 1 < len) return 0;
if (0 == strncmp(b1->ptr + b1->used - 1 - len,
b2->ptr + b2->used - 1 - len, len)) {

Loading…
Cancel
Save