[hackers] [quark] http_send_response: fix undefined behaviour for copying the target string || Hiltjo Posthuma

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

From: <git_AT_suckless.org>
Date: Mon, 5 Mar 2018 01:21:07 +0100 (CET)

commit 444b8f5b32d0263f1a20e18eb3044bfeed334361
Author: Hiltjo Posthuma <hiltjo_AT_codemadness.org>
AuthorDate: Mon Mar 5 01:12:09 2018 +0100
Commit: Laslo Hunhold <dev_AT_frign.de>
CommitDate: Mon Mar 5 01:21:14 2018 +0100

    http_send_response: fix undefined behaviour for copying the target string

    ... the format string and buffer were the same (undefined behaviour).

diff --git a/http.c b/http.c
index 98dfb00..118389b 100644
--- a/http.c
+++ b/http.c
_AT_@ -346,10 +346,11 @@ http_send_response(int fd, struct request *r)

                 /* if we have a vhost prefix, prepend it to the target */
                 if (s.vhost[i].prefix) {
- if (esnprintf(realtarget, sizeof(realtarget), "%s%s",
+ if (esnprintf(tmptarget, sizeof(tmptarget), "%s%s",
                                       s.vhost[i].prefix, realtarget)) {
                                 return http_send_status(fd, S_REQUEST_TOO_LARGE);
                         }
+ memcpy(realtarget, tmptarget, sizeof(realtarget));
                 }
         }

Received on Mon Mar 05 2018 - 01:21:07 CET

This archive was generated by hypermail 2.3.0 : Mon Mar 05 2018 - 01:24:23 CET