Boost-Commit :

From: lists.drrngrvy_at_[hidden]
Date: 2008-03-21 18:22:43

• Next message: lists.drrngrvy_at_[hidden]: "[Boost-commit] svn:boost r43792 - in sandbox/SOC/2007/cgi/branches/release: . boost/cgi/detail"
• Previous message: lists.drrngrvy_at_[hidden]: "[Boost-commit] svn:boost r43790 - in sandbox/SOC/2007/cgi/branches/release: . libs/cgi/example/acgi/amortization libs/cgi/example/fcgi/amortization"

Author: drrngrvy
Date: 2008-03-21 18:22:42 EDT (Fri, 21 Mar 2008)
New Revision: 43791
URL: http://svn.boost.org/trac/boost/changeset/43791

Log:
Oops. Fix a possible buffer overflow.
Text files modified:
   sandbox/SOC/2007/cgi/trunk/boost/cgi/detail/url_decode.hpp | 6 +++---
   1 files changed, 3 insertions(+), 3 deletions(-)

Modified: sandbox/SOC/2007/cgi/trunk/boost/cgi/detail/url_decode.hpp
==============================================================================
--- sandbox/SOC/2007/cgi/trunk/boost/cgi/detail/url_decode.hpp (original)
+++ sandbox/SOC/2007/cgi/trunk/boost/cgi/detail/url_decode.hpp 2008-03-21 18:22:42 EDT (Fri, 21 Mar 2008)
@@ -77,9 +77,9 @@
            ret.append(1, ' ');
            break;
          case '%':
- if (std::isxdigit(*(iter+1))
- && std::isxdigit(*(iter+2))
- && std::distance(iter, end) >= 2)
+ if (std::distance(iter, end) >= 2
+ && std::isxdigit(*(iter+1))
+ && std::isxdigit(*(iter+2)))
            {
              char ch = *++iter; // need this because order of function arg
                                 // evaluation is UB.

• Next message: lists.drrngrvy_at_[hidden]: "[Boost-commit] svn:boost r43792 - in sandbox/SOC/2007/cgi/branches/release: . boost/cgi/detail"
• Previous message: lists.drrngrvy_at_[hidden]: "[Boost-commit] svn:boost r43790 - in sandbox/SOC/2007/cgi/branches/release: . libs/cgi/example/acgi/amortization libs/cgi/example/fcgi/amortization"

Boost-Commit list run by bdawes at acm.org, david.abrahams at rcn.com, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk