[reSIProcate] Bug in ParseBuffer::qVal
Byron Campen
docfaraday at mac.com
Wed Jul 26 10:08:34 CDT 2006
Relevant code:
*snip*
if (*mPosition == '.')
{
skipChar();
int i = 100;
while(isdigit(*mPosition) && i)
{
num += (*mPosition-'0') * i;
i /= 10;
skipChar();
}
}
*snip*
In the event that the q-value is in a copied HeaderFieldValue, we
have no guarantee of what character lies at the end of the buffer
(since the CRLF is not part of the HeaderFieldValue, when a
HeaderFieldValue is copied, anything could be there). So, it is
possible for this character to be a digit, although it lies past the
end of the buffer. We should put a check for !eof() in the if clause.
Best regards,
Byron Campen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://list.resiprocate.org/pipermail/resiprocate-devel/attachments/20060726/af2d2943/attachment.htm>
More information about the resiprocate-devel
mailing list