wname is the worker name. This name is the name of the worker as defined in the JK property config file. E.g.:

worker.tomcat1.host=localhost
       ^^^^^^^

In the example above, tomcat1 is the worker name.

If someone were to attempt a buffer overflow, they would need write access to the Jk config file. (Then have enough permission/patience until apache is restarted).

I do not think this is a problem (except for the admin of the box).

-Tim


Jerome Lacoste (Frisurf) wrote:
                       const char *wname) {
 +    int rc = JK_TRUE;
 +    char buf[1024];
 +    if (m && wname) {
 +        int value;
 +        sprintf(buf, "%s.%s.%s", PREFIX_OF_WORKER, wname, STICKY_SESSION);
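Review bot: the sprintf into buf[1024] on the last added line is unbounded, and in the visible lines the only check on wname before it is the NULL test in if (m && wname). If PREFIX_OF_WORKER, wname and STICKY_SESSION plus the two dots come to more than 1023 characters, the call writes past the end of buf. Suggest snprintf(buf, sizeof(buf), "%s.%s.%s", ...) and setting rc to JK_FALSE when the return value is negative or >= sizeof(buf), so an over-long worker name is rejected instead of being silently truncated into a different property key.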

Seeing that checkin I got curious and I had a look at the code. I saw that this sprintf is used a lot in that way. Was wondering if there was a way to pass some parameters to overflow the buffer. Especially if the name comes from a property read from a file. I didn't see any special protection checking the length of the parameters, wname in that case.

Am I wrong?

J.




--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
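A bounded version of the key construction discussed in this thread, as an added example that is not code from the JK sources or from either poster. The helper name build_worker_key and the two macro values are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Assumed stand-ins for the macros named in the quoted hunk; the real
 * definitions live in the JK sources. */
#define PREFIX_OF_WORKER "worker"
#define STICKY_SESSION   "sticky_session"

/* Hypothetical helper: format "<prefix>.<wname>.<suffix>" into out.
 * Returns 1 on success, 0 if an argument is missing or the key does not fit.
 * On failure out is left as an empty string, never a truncated key. */
static int build_worker_key(char *out, size_t outlen,
                            const char *wname, const char *suffix)
{
    int n;

    if (!out || outlen == 0 || !wname || !suffix)
        return 0;

    n = snprintf(out, outlen, "%s.%s.%s", PREFIX_OF_WORKER, wname, suffix);

    /* snprintf returns the length the full string needs (excluding the NUL),
     * so n >= outlen means the output was truncated. */
    if (n < 0 || (size_t)n >= outlen) {
        out[0] = '\0';
        return 0;
    }
    return 1;
}

int main(void)
{
    char buf[1024];
    char long_name[2048];   /* constructed over-long worker name */

    memset(long_name, 'A', sizeof(long_name) - 1);
    long_name[sizeof(long_name) - 1] = '\0';

    if (build_worker_key(buf, sizeof(buf), "tomcat1", STICKY_SESSION))
        printf("ok: %s\n", buf);
    if (!build_worker_key(buf, sizeof(buf), long_name, STICKY_SESSION))
        printf("rejected worker name of %zu bytes\n", strlen(long_name));
    return 0;
}
```

Rejecting rather than truncating matters here because a truncated key could silently match a different property.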