Summary: | Stack address is returned from function parse_ap_expr | ||
---|---|---|---|
Product: | Apache httpd-2 | Reporter: | SourceBrella <report> |
Component: | mod_include | Assignee: | Apache HTTPD Bugs Mailing List <bugs> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | report |
Priority: | P2 | Keywords: | FixedInTrunk |
Version: | 2.4.23 | ||
Target Milestone: | --- | ||
Hardware: | PC | ||
OS: | All |
Description
SourceBrella
2016-07-12 09:04:53 UTC
The function is here: modules/filters/mod_include.c Thanks for the report! Did you ever see a symptom on this? I have not seen any symptom, but it is indeed a dangerous operation. Fixed in 2.4.25 (In reply to Eric Covener from comment #5) > Fixed in 2.4.25 I found a similar problem in "support/htpasswd.c". I have reported this issue in https://bz.apache.org/bugzilla/show_bug.cgi?id=60634 |