[995] in bugtraq
Re: Fixing the NCSA HTTPD 1.3
daemon@ATHENA.MIT.EDU (Dan Thorson)
Tue Feb 14 18:52:08 1995
To: Thomas Lopatic <lopatic@dbs.informatik.uni-muenchen.de>
Cc: bugtraq <bugtraq@fc.net>
From: Dan Thorson <Dan_Thorson@notes.seagate.com>
Date: 14 Feb 95 14:23:54 EDT
I haven't checked everything yet, but...
Did you see the CIAC bulletin? They only recommened the setting of
MAX_STRING_LEN and HUGE_STRING_LEN to be equal.
Hmmm. Perhaps they didn't see the sprintf's in log_transaction() [for example,
in http_log.c])?
I've called CIAC & let them know. Your fix may be more complete, but time will
tell if it's enough.