curl-library
CURLOPT_DEBUGFUNCTION
From: Jean-Philippe Barrette-LaPierre <jpb_at_rrette.com>
Date: Mon, 18 Nov 2002 17:06:06 -0500
Date: Mon, 18 Nov 2002 17:06:06 -0500
If found something suspect. I set a callback for debug. When the
curlinfo_type is set to CURLINFO_HEADER_OUT in the callback, the string is
not NULL terminated! I just want to be sure that this thing is normal, and if
it is, I just want to say that it seem very dangerous to not terminate this
string with a NULL character, because it's susposed to be a string, and not
some binary stuff like CURLINFO_DATA_IN or OUT. Some people (like me) may
misuse this, and make a buffer overflow.
-- Jean-Philippe Barrette-LaPierre Programmeur-Analyste ------------------------------------------------------- This sf.net email is sponsored by: To learn the basics of securing your web site with SSL, click here to get a FREE TRIAL of a Thawte Server Certificate: http://www.gothawte.com/rd524.htmlReceived on 2002-11-18