2021-10-26 13:29:14 +02:00
|
|
|
$NetBSD: distinfo,v 1.8 2021/10/26 11:29:22 nia Exp $
|
2004-07-20 23:44:29 +02:00
|
|
|
|
2021-10-26 13:29:14 +02:00
|
|
|
BLAKE2s (cgic206.tar.gz) = 8556b77fae863150dfd3d244ee4bee30a3a8aa71a7c2c6398a822daad4b800b8
|
2015-11-04 03:46:46 +01:00
|
|
|
SHA512 (cgic206.tar.gz) = 58da23f0608a40999f726d0f2868cc305538819af41c04190f98b1bea1d9a747c677a790861dafb53c3f64bfdbfdb0edcf9b124952b750e8b26aa85e431466c4
|
Changes 2.06:
* In main(), when parsing form input fails, the CGI script exits without
producing any output whatsoever. Wouldn't it be better to actually
emit an error status, instead of expecting the server to do something
sane with a script that produces no output?
* In mpRead(), a check is done to insure the requested length is not
greater than the amount of data still available, and to adjust it
if necessary. However, this check is currently done _after_ reading
data from the putback buffer, in which process len is decremented by
the amount of putback data read, but mpp->offset is not correspondingly
incremented (this happens later). As a result, the check uses too
small a value for len, and so fails to stop reading soon enough if
the requested length is greater than what is available _and_ there
was any data in the putback buffer.
The fix is to move the check to the beginning of mpRead()
* Further, if a read request is satisfied _entirely_ from the putback
buffer, mpp->offset is not updated at all, resulting in a similar
problem. The solution is to update mpp->offset in the "else if (got)"
case.
* In cgiParsePostMultipartInput(), if the Content-Disposition of a part
is not "form-data", afterNextBoundary() is not called before beginning
to process the next part. As a result, parsing of the next part headers
begins with the body of the unwanted part. It is necessary in this case
to call afterNextBoundary() before continuing with the next cycle.
* In handling out-of-memory conditions in afterNextBoundary(), *outP is
set to '\0'. While this is technically legal ('\0' is "an integral
constant expression with the value 0"), it looks funny.
* In cgiCookieString(), a change was introduced in v2.02 which purports
to prevent an overrun in cases where cgiCookie is exactly equal to
the requested cookie name. In fact, the problem can also occur if
the requested name occurs with no values at the end of cgiCookie.
Further, the change from v2.02 does not fix the problem, because it
compares the _pointers_ p and n to NULL, which they will never equal,
rather than comparing the pointers they point at to NUL.
* Also in cgiCookieString(), there is a comment suggesting that the main
loop never terminates except with a return. This is not the case.
For example, it will terminate if the requested cookie is not found
and the cgiCookie string ends in a semicolon.
* Why did days[] (formerly daysOfWeek[]) and months[] become non-static?
This pollutes the namespace of programs using CGIC.
* In cgiReadEnvironment(), when reading in the contents of an uploaded
file, it is possible that a temporary file is successfully created
but then cannot be opened. In this case, no attempt is made to remove
the tempoary file.
* Further, when a form entry does _not_ include an uploaded file,
e->tfileName is set to malloc'd but uninitialized memory. It should
be set to an empty string, by setting e->tfileName[0] to zero after
the 1-byte buffer is allocated.
2014-04-07 17:01:44 +02:00
|
|
|
Size (cgic206.tar.gz) = 50167 bytes
|
|
|
|
|
SHA1 (patch-aa) = e90c34b85194524554ecab21a3edd68f50f41bc3
|
2004-07-20 23:44:29 +02:00
|
|
|
SHA1 (patch-ab) = 42e8ee71eeb363e702dfab66344811a8967d382d
|
2006-01-06 23:46:51 +01:00
|
|
|
SHA1 (patch-ac) = ee06539e395f5027291253c98ec103808f188a66
|
2004-07-20 23:44:29 +02:00
|
|
|
SHA1 (patch-ad) = 6ef230a6cc265121dbcbaef392bc1d9c43d167b0
|
2006-01-06 23:46:51 +01:00
|
|
|
SHA1 (patch-ae) = 0cbf0e7ceaa69adef326672cf4087a266e1c9512
|
|
|
|
|
SHA1 (patch-af) = 04c73e07a32c7df1b659f181528066d93ed684e5
|
