[hackers] [quark] Fix one byte NULL stack overflow || Aaron Burrow

From: <git_AT_suckless.org>
Date: Mon, 16 Jul 2018 22:47:17 +0200 (CEST)

commit d2013a6337972c62a71f01324e87af0e55579245
Author: Aaron Burrow <burrows_AT_charstarstar.com>
AuthorDate: Mon Jul 16 22:46:09 2018 +0200
Commit: Laslo Hunhold <dev_AT_frign.de>
CommitDate: Mon Jul 16 22:48:20 2018 +0200

    Fix one byte NULL stack overflow
    
    Don't append a forward slash if the length of a folder is PATH_MAX-1. This can
    happen if HEADER_MAX is larger than PATH_MAX or if the `-m` option is used to
    increase the path length.

diff --git a/LICENSE b/LICENSE
index 3e402a5..fc7b4e0 100644
--- a/LICENSE
+++ b/LICENSE
_AT_@ -9,6 +9,7 @@ Copyright 2017-2018 Hiltjo Posthuma <hiltjo_AT_codemadness.org>
 Copyright 2017-2018 Quentin Rameau <quinq_AT_fifth.space>
 Copyright 2018 Josuah Demangeon <mail_AT_josuah.net>
 Copyright 2018 Dominik Schmidt <domischmidt_AT_swissonline.ch>
+Copyright 2018 Aaron Burrow <burrows_AT_charstarstar.com>
 
 Permission to use, copy, modify, and/or distribute this software for any
 purpose with or without fee is hereby granted, provided that the above
diff --git a/http.c b/http.c
index f0b84b1..7a801a5 100644
--- a/http.c
+++ b/http.c
_AT_@ -430,7 +430,7 @@ http_send_response(int fd, struct request *r)
         if (S_ISDIR(st.st_mode)) {
                 /* add / to target if not present */
                 len = strlen(realtarget);
- if (len == PATH_MAX - 2) {
+ if (len >= PATH_MAX - 2) {
                         return http_send_status(fd, S_REQUEST_TOO_LARGE);
                 }
                 if (len && realtarget[len - 1] != '/') {
Received on Mon Jul 16 2018 - 22:47:17 CEST