[buffer] fix length check in buffer_is_equal_right_len

buffer_is_equal_right_len didn't check the length of the second buffer. as all calls in lighttpd used the length of the second buffer as length parameter those calls were not broken. From: Stefan Bühler <stbuehler@web.de> git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2946 152afb58-edef-0310-8abb-c4023f1b3aa9
9 years ago · bf10267807
parent bcd35cc264
commit bf10267807
2 changed files with 2 additions and 1 deletions
--- a/1
+++ b/1
@ -12,6 +12,7 @@ NEWS
  * [mod_magnet] fix memory leak
  * add comments for switch fall throughs
  * remove logical dead code
+  * [buffer] fix length check in buffer_is_equal_right_len

 - 1.4.34
  * [mod_auth] explicitly link ssl for SHA1 (fixes #2517)
--- a/src/buffer.c
+++ b/src/buffer.c
@ -584,7 +584,7 @@ int buffer_is_equal_right_len(buffer *b1, buffer *b2, size_t len) {
 	if (b1->used == 0 || b2->used == 0) return 0;

 	/* buffers too small -> not equal */
-	if (b1->used - 1 < len || b1->used - 1 < len) return 0;
+	if (b1->used - 1 < len || b2->used - 1 < len) return 0;

 	if (0 == strncmp(b1->ptr + b1->used - 1 - len,
 			 b2->ptr + b2->used - 1 - len, len)) {