cURL / Mailing Lists / curl-library / Single Mail

curl-library

CURLOPT_DEBUGFUNCTION

From: Jean-Philippe Barrette-LaPierre <jpb_at_rrette.com>
Date: Mon, 18 Nov 2002 17:06:06 -0500

If found something suspect. I set a callback for debug. When the
curlinfo_type is set to CURLINFO_HEADER_OUT in the callback, the string is
not NULL terminated! I just want to be sure that this thing is normal, and if
it is, I just want to say that it seem very dangerous to not terminate this
string with a NULL character, because it's susposed to be a string, and not
some binary stuff like CURLINFO_DATA_IN or OUT. Some people (like me) may
misuse this, and make a buffer overflow.

-- 
Jean-Philippe Barrette-LaPierre
Programmeur-Analyste
-------------------------------------------------------
This sf.net email is sponsored by: To learn the basics of securing 
your web site with SSL, click here to get a FREE TRIAL of a Thawte 
Server Certificate: http://www.gothawte.com/rd524.html
Received on 2002-11-18