summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRobert James Kaes <rjkaes@users.sourceforge.net>2001-01-15 17:06:19 +0000
committerRobert James Kaes <rjkaes@users.sourceforge.net>2001-01-15 17:06:19 +0000
commit2f2d74e9f2629b2c396f21f9b591865fb59d159f (patch)
tree8e2bddbc49701ea67513cc5e6dfabc97c30ffd7f
parentcc704ae7a73b21ea2c21b8e58953cdece62f81ac (diff)
downloadtinyproxy-2f2d74e9f2629b2c396f21f9b591865fb59d159f.tar.gz
tinyproxy-2f2d74e9f2629b2c396f21f9b591865fb59d159f.zip
Fixed a potential security bug in http_err. There was a possibility of a
heap overflow exploit.
-rw-r--r--ChangeLog4
-rw-r--r--src/utils.c4
2 files changed, 6 insertions, 2 deletions
diff --git a/ChangeLog b/ChangeLog
index 471c2cf..f9c5cbe 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+2001-01-15 Robert James Kaes <rjkaes@flarenet.com>
+
+ * src/utils.c (httperr): A heap overflow bug fixed.
+
2000-12-07 Robert James Kaes <rjkaes@flarenet.com>
* src/thread.c (thread_main_loop): Removed all the weird timing
diff --git a/src/utils.c b/src/utils.c
index 63f4dbb..fef9ff0 100644
--- a/src/utils.c
+++ b/src/utils.c
@@ -1,4 +1,4 @@
-/* $Id: utils.c,v 1.2 2000-09-12 00:01:29 rjkaes Exp $
+/* $Id: utils.c,v 1.3 2001-01-15 17:06:19 rjkaes Exp $
*
* Misc. routines which are used by the various functions to handle strings
* and memory allocation and pretty much anything else we can think of. Also,
@@ -79,7 +79,7 @@ int httperr(struct conn_s *connptr, int err, char *msg)
return -1;
}
- sprintf(connptr->output_message, premsg, err, msg, msg, err, msg, VERSION);
+ snprintf(connptr->output_message, MAXBUFFSIZE, premsg, err, msg, msg, err, msg, VERSION);
return 0;
}