Hi Cyril,
On Mon, Nov 30, 2009 at 12:53:34AM +0100, Cyril Bonté wrote:
> > Could you please check on your side and confirm/infirm my doubts ?
> > Basically I want to ensure we never dereference the buffer past its
> > end, so begin+len bust always be below the buffer size. If you think
> > a control is missing, we can merge it as a separate patch because
> > it's already missing in current code then.
>
> Previously, the function was called with :
> get_srv_from_appsession(s, &req->data[msg->som], msg->sl.rq.l);
>
> I assume that msg->sl.rq variables are already correctly calculated and that we can replace this call with :
> get_srv_from_appsession(s, &req->data[msg->som + msg->sl.rq.u], msg->sl.rq.u_l);
>
> This allows to parse only the URL, skipping the http method and the protocol.
> I believe this should always be contained in the buffer size.
> The parser will then restrict to this area when it will extract the session value (It was missing in the previous code).
>
> Did I understand what you wanted to know ?
Yes, that's fine then, thanks for the check.
> > I'm just waiting for your response on this possible issue and I'm
> > OK to merge it. Please tell me if you'd prefer to resend a different
> > patch with the cosmetic changes or if I can do them myself. While
> > you're at it, I noticed a mis-indented "if" statement alone in the
> > remaining part. Also something I can fix if needed.
>
> It would be great if you can do this changes (to prevent several patch versions in case I still leave some mis-indented code or misplaced comments in the options constants).
No problem, I will do that then. Anyway I would not ask you to resubmit for such minor things, but some people prefer to have the exact same version on their side as the one being committed, reason why I asked.
Thanks!
Willy
Received on 2009/11/30 06:16
This archive was generated by hypermail 2.2.0 : 2009/11/30 06:30 CET