Log Message: [[[ Allocate enough memory for APACHE_ARG_MAX arguments plus a terminating NULL pointer. ]]] Patch: [[[ Index: modules/fcgid/fcgid_proc_unix.c =================================================================== --- modules/fcgid/fcgid_proc_unix.c (revision 938992) +++ modules/fcgid/fcgid_proc_unix.c (working copy) @@ -201,7 +201,7 @@ struct sockaddr_un unix_addr; apr_procattr_t *procattr = NULL; int argc; - const char *wargv[APACHE_ARG_MAX]; + const char *wargv[APACHE_ARG_MAX+1]; const char *word; /* For wrapper */ const char *tmp; ]]]
same change needed to fcgid_proc_win.c as well... looking further at implications
Thanks for the fix, now committed; same change was added to the analogous code for Windows. Buffer overflow can't occur at present due to truncation of such command-lines before it reaches this point in processing.