Summary
Collection of low/medium severity issues that can be addressed together.
1. strtok() in SSI processing is not thread-safe (MEDIUM)
File: src/httpfile.c:281-285
strtok() keeps its parse position in internal static state, so it is neither thread-safe nor reentrant. Recursive SSI includes (up to 10 levels) could interfere with each other within the same thread: tokenizing an included file resets the position the outer parse loop depends on. Replace with manual parsing or a reentrant tokenizer.
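Added example (not project code) showing the failure and one fix. next_token() is a hypothetical reentrant tokenizer that keeps all state in a caller-owned cursor, so nested loops cannot clobber each other (POSIX strtok_r() gives the same guarantee); the directive/attribute syntax and the input string are constructed for the demonstration and do not reflect the project's SSI grammar.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical reentrant replacement for strtok(): the only state is the
 * caller's cursor, so nested and concurrent tokenizing cannot collide.
 * Modifies the buffer in place, as strtok() does. */
static char *next_token(char **cursor, const char *delims)
{
    char *s = *cursor;
    if (s == NULL)
        return NULL;
    s += strspn(s, delims);               /* skip leading delimiters */
    if (*s == '\0') {
        *cursor = NULL;
        return NULL;
    }
    char *end = s + strcspn(s, delims);   /* end of this token */
    if (*end != '\0') {
        *end = '\0';
        *cursor = end + 1;
    } else {
        *cursor = NULL;
    }
    return s;
}

/* Constructed stand-in for nested SSI parsing: directives separated by ';',
 * each holding space-separated attributes. Returns the attribute count. */
static int count_attrs_reentrant(const char *input)
{
    char buf[256];
    char *outer, *inner, *dir, *attr;
    int n = 0;

    strncpy(buf, input, sizeof buf - 1);
    buf[sizeof buf - 1] = '\0';
    outer = buf;
    while ((dir = next_token(&outer, ";")) != NULL) {
        inner = dir;                      /* independent cursor per level */
        while ((attr = next_token(&inner, " ")) != NULL)
            n++;
    }
    return n;
}

/* Same loop with strtok(): the inner loop overwrites the static position
 * the outer loop relies on, so every directive after the first is lost. */
static int count_attrs_strtok(const char *input)
{
    char buf[256];
    char *dir, *attr;
    int n = 0;

    strncpy(buf, input, sizeof buf - 1);
    buf[sizeof buf - 1] = '\0';
    for (dir = strtok(buf, ";"); dir != NULL; dir = strtok(NULL, ";")) {
        for (attr = strtok(dir, " "); attr != NULL; attr = strtok(NULL, " "))
            n++;
    }
    return n;
}
```

On the constructed input "var=a name=b;var=c;var=d name=e" the reentrant version counts all five attributes, while the strtok() version stops after the first directive's two, which is the same silent data loss a nested include would cause.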
2. Version string overflow — latent (LOW)
File: src/httppars.c:91
UCHAR tmp[80];
sprintf(tmp, "HTTPD/%s", httpc->httpd->version);
Currently safe but fragile. Replace with snprintf().
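Added example (not project code) of the bounded replacement. format_server_token() is a hypothetical helper; it writes into a caller-sized buffer, uses sizeof so the limit cannot drift from the declaration, and reports truncation instead of overrunning the 80-byte buffer from the report.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical replacement for the sprintf() call. Returns 0 on success,
 * -1 if the output did not fit; the buffer is NUL-terminated either way. */
static int format_server_token(char *out, size_t outsz, const char *version)
{
    int n;

    if (out == NULL || outsz == 0)
        return -1;
    if (version == NULL)
        version = "unknown";            /* never hand NULL to %s */

    n = snprintf(out, outsz, "HTTPD/%s", version);
    if (n < 0) {                         /* encoding error */
        out[0] = '\0';
        return -1;
    }
    if ((size_t)n >= outsz)              /* needed n+1 bytes, got outsz */
        return -1;
    return 0;
}

int main(void)
{
    unsigned char tmp[80];               /* same size as in the report */
    char longver[200];

    /* Constructed inputs: a normal version string and an oversized one. */
    memset(longver, 'x', 150);
    longver[150] = '\0';

    printf("short: rc=%d \"%s\"\n",
           format_server_token((char *)tmp, sizeof tmp, "1.2.3"), tmp);
    printf("long:  rc=%d len=%zu\n",
           format_server_token((char *)tmp, sizeof tmp, longver),
           strlen((char *)tmp));
    return 0;
}
```

The caller decides what a -1 means (log and fall back to a fixed token, for instance); the point is that an over-long version string can no longer write past tmp.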
3. Missing NULL check in SSI echo (LOW)
File: src/httpfile.c:384-390
If var is NULL from a parsing error, http_get_env() and getenv() receive NULL; getenv(NULL) is undefined behaviour. Add if (!var || !*var) goto quit; before the lookup.
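Added example (not project code) of the guard in context. The struct ssi_var table and lookup_var() are hypothetical stand-ins for whatever http_get_env() consults; the fallback to getenv() mirrors the order described in the report, and the sample table entries are constructed.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical per-request variable table. */
struct ssi_var {
    const char *name;
    const char *value;
};

/* Constructed sample request environment. */
static const struct ssi_var sample_env[] = {
    { "DOCUMENT_NAME", "index.shtml" },
    { "REMOTE_ADDR",   "192.0.2.10"  },
};

/* Request-scoped lookup, then process environment. Precondition: var is
 * non-NULL and non-empty; the guard lives in ssi_echo_value(). */
static const char *lookup_var(const struct ssi_var *env, size_t n, const char *var)
{
    for (size_t i = 0; i < n; i++)
        if (strcmp(env[i].name, var) == 0)
            return env[i].value;
    return getenv(var);
}

/* Mirrors the proposed fix: reject NULL or empty names before any lookup,
 * since strcmp() and getenv() must never be given NULL. Returns the value,
 * or "" when the name is invalid or unknown (echo then emits nothing). */
static const char *ssi_echo_value(const struct ssi_var *env, size_t n, const char *var)
{
    const char *val;

    if (var == NULL || *var == '\0')     /* the if (!var || !*var) check */
        return "";
    val = lookup_var(env, n, var);
    return val != NULL ? val : "";
}

/* Convenience wrapper over the constructed table. */
static const char *sample_echo(const char *var)
{
    return ssi_echo_value(sample_env, sizeof sample_env / sizeof sample_env[0], var);
}
```

Putting the check in the one function every echo path goes through means a malformed directive degrades to empty output rather than reaching getenv() with NULL.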
Severity
MEDIUM / LOW