-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathBUGS
62 lines (52 loc) · 2.3 KB
/
BUGS
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
NOTE: Bugs are mentioned in the version they are found in. This doesn't
mean that they didn't exist prior to that version.
Known Bugs in 1.5.2
---------------------
*) HTTPd doesn't recognize an HTTP/1.1 request correctlly
Known Bugs in 1.5.1
---------------------
*) Can only use a single group on a require group
*) core dumps at random due to a free in env.c
*) Relative urls in imagemaps are broken
*) doesn't kill cgi scripts if the user aborts
*) content_length gets reset after scanning cgi headers, instead of before
*) can core dump on special case in _getline (rfc822 line wrapping)
Known Bugs in 1.5.1b3
---------------------
*) 299: File descriptors aren't set correctly on child_alone()
*) 301: Sending headers on HTTP/0.9 response
Known Bugs in 1.5.1b2
---------------------
*) 900: ErrorDocument 401s as html files doesn't work on Mosaic/X, does on
netscape
*) 293: Socket isn't closed before CGI execution, causing client to hang
waiting for close
Known Bugs in 1.5.1b1
---------------------
*) 264: imagemap fails because of invalid fgets() argument
*) 265: in_ip() broken causing all access control by ip to fail
*) 266: 301 and 204 status codes broken in set_stat_line()
*) 267: no bounds checking in access_control array
Known Bugs in 1.5a
---------------------
*) server doesn't clean up directory indexing information added by .htaccess
*) fgets in src/imagemap.c only uses MAX_STRING_LEN, which may be too short
for complex polygons
*) If you don't have an allow or require line in .htaccess LIMIT, it won't
work (ie, just a deny)
*) Doesn't log HEAD request to automatically indexed directory
*) Can't use group and user name which are the same in flat group file
*) Off by one errors in DBM support
*) typo in LOCALHACK
*) Server core dumped if user aborted before reqInfo->remote_name set
*) Server core dumped if setuid/setgid failed
*) Bug in http_access.c which makes matchexp directories in access control
not work correctly
*) NIS group files only work if using NIS password files as well
*) Order mutual-failure is broken, does exact opposite
*) Don't strip Content-Length header from CGI scripts
*) require group will match user as postfix of another, and fails if a
prefix occurs first
Known Bugs in 1.5
---------------------
*) Typo/Thinko in http_access.c which breaks order deny/allow