- Michael Link fixed security vulnerability
diff --git a/tcl_cmds.c b/tcl_cmds.c
index 38e6e9c..2ad0484 100644
--- a/tcl_cmds.c
+++ b/tcl_cmds.c
@@ -434,7 +434,7 @@
break;
}
- set_var(interp, nm_var, (char*) key, (char*) val);
+ set_var(interp, nm_var, (char*) key, "%s", (char*) val);
}
return OK;
@@ -2219,7 +2219,7 @@
char *sptr = strchr(env[i], '=');
*sptr = '\0';
- set_var(interp, nm_env, env[i], sptr + 1);
+ set_var(interp, nm_env, env[i], "%s", sptr + 1);
*sptr = '=';
}
diff --git a/tcl_core.c b/tcl_core.c
index 77cd65f..800575a 100644
--- a/tcl_core.c
+++ b/tcl_core.c
@@ -542,7 +542,7 @@
static int tcl_init_handler(apr_pool_t *pconf, apr_pool_t *plog, apr_pool_t *ptemp, server_rec *s)
{
- ap_add_version_component(pconf, "mod_tcl/1.0");
+ ap_add_version_component(pconf, "mod_tcl/1.0.1");
return OK;
}
@@ -647,7 +647,7 @@
char *namespc = (char*) malloc(strlen(r->filename) + strlen(vl[i].var1) + 3);
sprintf(namespc, "%s::%s", r->filename, vl[i].var1);
- set_var(interp, namespc, vl[i].var2, vl[i].var3);
+ set_var(interp, namespc, vl[i].var2, "%s", vl[i].var3);
free(namespc);
}
else if (vl[i].fl == 2) {
