Bugtraq mailing list archives
Re: Fixing the NCSA HTTPD 1.3
From: Dan_Thorson () notes seagate com (Dan Thorson )
Date: 14 Feb 95 14:23:54 EDT
I haven't checked everything yet, but... Did you see the CIAC bulletin? They only recommened the setting of MAX_STRING_LEN and HUGE_STRING_LEN to be equal. Hmmm. Perhaps they didn't see the sprintf's in log_transaction() [for example, in http_log.c])? I've called CIAC & let them know. Your fix may be more complete, but time will tell if it's enough.
Current thread:
- Re: Fixing the NCSA HTTPD 1.3 Dan Thorson (Feb 14)