Bugtraq mailing list archives

Re: Fixing the NCSA HTTPD 1.3

From: ccshag () cclabs missouri edu (Paul 'Shag' Walmsley)
Date: Wed, 15 Feb 1995 02:31:15 -0600 (CST)


On Tue, 14 Feb 1995, Thomas Lopatic wrote:

2. have getline() read only 1000 characters instead of HUGE_STRING_LEN
   (file http_request.c: getline(l,HUGE_STRING_LEN/4,in,timeout) instead
    of getline(l,HUGE_STRING_LEN,in,timeout))


I don't see any obvious problems with it (then again, I'm no expert on 
NCSA's code) but I'm curious: is there any rationale behind the magic 
number 4 here, or is that an essentially arbitrary decision?



- Paul "Shag" Walmsley <ccshag () cclabs missouri edu>
  "I'll drink a toast to bold evolution any day!"

Current thread:

Vulnerability in NCSA HTTPD 1.3 Thomas Lopatic (Feb 13)
- Re: Vulnerability in NCSA HTTPD 1.3 Paul 'Shag' Walmsley (Feb 13)
  - Re: Vulnerability in NCSA HTTPD 1.3 Christopher Davis (Feb 14)
    - Re: Vulnerability in NCSA HTTPD 1.3 Robert M. Haas (Feb 14)
    - Re: Vulnerability in NCSA HTTPD 1.3 Christopher Davis (Feb 16)
  - Fixing the NCSA HTTPD 1.3 Thomas Lopatic (Feb 14)
    - Re: Fixing the NCSA HTTPD 1.3 Paul 'Shag' Walmsley (Feb 15)
    - Re: Fixing the NCSA HTTPD 1.3 Rens Troost (Feb 15)
    - Re: Fixing the NCSA HTTPD 1.3 Paul 'Shag' Walmsley (Feb 15)
    - For NCSA Http_1.05a Everett F Batey WA6CRE (Feb 15)
  - Sendmail 8.6.9 Nathan Lawson (Feb 14)
    - Re: Sendmail 8.6.9 Perry E. Metzger (Feb 14)
    - Re: Sendmail 8.6.9 Tom Fitzgerald (Feb 14)
    - Re: Sendmail 8.6.9 Perry E. Metzger (Feb 15)
  - Re: Vulnerability in NCSA HTTPD 1.3 Thomas Roessler (Feb 14)
  - Re: Vulnerability in NCSA HTTPD 1.3 Hannu Martikka (Feb 14)
- <Possible follow-ups>
- Re: Vulnerability in NCSA HTTPD 1.3 Edy (Feb 14)