Fix two erroneous calls to strlcat() #284

Merged
merged 1 commit into from
Aug 7, 2018


khorben
Contributor

@khorben khorben commented Aug 7, 2018

strlcat() needs to be informed about the actual size of the buffer. Two
calls simply used the size expected, thus potentially allowing
stack-based buffer overflows.

There is no direct security impact in this case, since the code affected
is on the client side, and the input comes from configuration
information.

@mrash mrash merged commit c4f437f into mrash:master Aug 7, 2018
@khorben
Contributor Author

khorben commented Aug 7, 2018

Sorry, I think this commit introduces a regression: the original intent was probably to append options->access_str only up to the / character. With this change, the code is safer but the contents after the / character will be added too, thus breaking this functionality. Please revert it for the moment :(

@mrash
Owner

mrash commented Aug 8, 2018

Done.
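
The two requirements raised in this thread (the size passed to `strlcat()` must be the real size of the destination buffer, and only the part before the `/` should be appended) can both be met with a bounded prefix append. The following is an added example, not the project's code: `ex_strlcat`, `append_until` and `append_all` are hypothetical names, `ex_strlcat` is a local stand-in that follows the OpenBSD `strlcat()` contract, and the sample strings are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Local stand-in with the OpenBSD strlcat() contract (assumption: used so the
 * example builds without libbsd). `size` is the FULL size of dst, not a count. */
static size_t ex_strlcat(char *dst, const char *src, size_t size)
{
    const char *nul = memchr(dst, '\0', size);
    size_t dlen = nul ? (size_t)(nul - dst) : size;
    size_t slen = strlen(src);
    if (dlen == size)                 /* dst not terminated within size */
        return size + slen;
    size_t room = size - dlen - 1;    /* bytes free before the final NUL */
    size_t n = slen < room ? slen : room;
    memcpy(dst + dlen, src, n);
    dst[dlen + n] = '\0';
    return dlen + slen;               /* >= size means truncation */
}

/* Append the part of src before the first `delim` (all of src if absent).
 * Returns 0 on success, -1 if it does not fit; dst is left unchanged then. */
int append_until(char *dst, size_t dst_size, const char *src, char delim)
{
    const char *end = strchr(src, delim);
    size_t want = end ? (size_t)(end - src) : strlen(src);
    const char *nul = memchr(dst, '\0', dst_size);
    size_t dlen = nul ? (size_t)(nul - dst) : dst_size;
    if (dlen == dst_size || want > dst_size - dlen - 1)
        return -1;
    memcpy(dst + dlen, src, want);
    dst[dlen + want] = '\0';
    return 0;
}

/* Whole-string append using the real buffer size; truncation is reported. */
int append_all(char *dst, size_t dst_size, const char *src)
{
    return ex_strlcat(dst, src, dst_size) < dst_size ? 0 : -1;
}

int main(void)
{
    char buf[8] = "a,";               /* constructed sample input */
    int rc = append_until(buf, sizeof(buf), "tcp/22", '/');
    printf("%d %s\n", rc, buf);
    return 0;
}
```

Passing the expected prefix length as the third argument of `strlcat()` does not copy that many bytes: the value is taken as the destination size, so the result depends on how much `dst` already holds.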
