Re: [Mod-security-developers] ModSecurity 2.6.7: PCRE version check
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [Mod-security-developers] ModSecurity 2.6.7: PCRE version check
|
From: Breno S. <bre...@gm...> - 2012-08-03 00:21:22
|
True. I will consider work with %s.
On Thu, Aug 2, 2012 at 6:53 PM, Peter Heimann <hei...@we...> wrote:
> On 08/03/2012 01:04 AM, Breno Silva wrote:
> > I reverted it.
> >
> > Are you sure your idea will prevents 8.2 and 8.02 are considered equal ?
> > Let me check in the lib pcre history if 8.2 means (two) or twenty :)
>
> As far as I can see, there hasn't been a version 8.2.
>
> For all versions up to PCRE 7.9, the minor version did not have leading
> zeroes, and the ModSecurity 2.6.6 comparison is correct. The original
> ModSecurity 2.6.7 code adds a leading zero in these cases, and breaks
> the comparison ("7.9" turned into "7.09", although the version _is_
> identical).
>
> For PCRE 8.00, 8.01, 8.02 my previous proposal does not fix the problem
> completely. Futhermore, we don't know whether PCRE will use versions
> 9.0, 9.1, 9.2, ... or 9.00, 9,01, 0.02, ... in the future.
>
> As the PCRE code itself uses string concatenation to build the
> pcre_version() return string, I feel we need to do away with "%d" and
> use string operations as well:
>
> pcre_vrs = apr_psprintf(mp,"%s.%s ", PCRE_MAJOR, PCRE_MINOR);
>
> (This will still produce a warning for PCRE prerelease versions, though.)
>
> --
> Peter Heimann
>
|
