Re: Much-wanted patch

From: Edward Henigin <>
Date: Sat, 26 Oct 1996 17:18:38 -0500 (CDT)

        How 'bout adding a function that gets called before or during
the log function that scans the string for non-printable characters and
prints the octal equivalent instead... This would probably take care
of the need that Dancer brings up. I don't, however, see why it is
"needed." What trouble do non-printable characters cause? If you're
paranoid about non-printable characters, I suggest you post-process
the logs with something to filter non-printables before doing anything
else with them...

        And to state more clearly what I think Dancer is asking, does
the code check for buffer overflow? Just about every security hole
that I've heard of in key system software has been caused by a buffer
overflow bug. Then again, if you're running squid as root, you're an
idiot. :)


On Sat, 26 Oct 1996, Dancer wrote:
> Actually, never mind much-wanted, this is probably needed. If, for any
> reason, we get non-printable characters in a request, we get them in the
> logs as well. This is probably not A Good Thing(tm), and the behaviour
> should be modified. For that matter we should look carefully at what
> we're doing at this point, as we are playing with data that some unknown
> source has given us.
> Anyone know what happens if you give Squid a request that's longer
> than...say...256 bytes? How about 512Kbytes? How about 10MB?
> D
Received on Sat Oct 26 1996 - 15:19:11 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:33:22 MST