playground/suckless-quark
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Fix one byte NULL stack overflow

Browse source 
Don't append a forward slash if the length of a folder is PATH_MAX-1. This can
happen if HEADER_MAX is larger than PATH_MAX or if the `-m` option is used to
increase the path length.
This commit is contained in:
Aaron Burrow 2018-07-16 22:46:09 +02:00 committed by Laslo Hunhold
parent 72b309bbe4
commit d2013a6337
2 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
LICENSE
View file

@ -9,6 +9,7 @@ Copyright 2017-2018 Hiltjo Posthuma <hiltjo@codemadness.org>
Copyright 2017-2018 Quentin Rameau <quinq@fifth.space> Copyright 2017-2018 Quentin Rameau <quinq@fifth.space>
Copyright 2018 Josuah Demangeon <mail@josuah.net> Copyright 2018 Josuah Demangeon <mail@josuah.net>
Copyright 2018 Dominik Schmidt <domischmidt@swissonline.ch> Copyright 2018 Dominik Schmidt <domischmidt@swissonline.ch>
Copyright 2018 Aaron Burrow <burrows@charstarstar.com>
Permission to use, copy, modify, and/or distribute this software for any Permission to use, copy, modify, and/or distribute this software for any
purpose with or without fee is hereby granted, provided that the above purpose with or without fee is hereby granted, provided that the above

2
http.c
View file

@ -430,7 +430,7 @@ http_send_response(int fd, struct request *r)
if (S_ISDIR(st.st_mode)) { if (S_ISDIR(st.st_mode)) {
/* add / to target if not present */ /* add / to target if not present */
len = strlen(realtarget); len = strlen(realtarget);
if (len == PATH_MAX - 2) { if (len >= PATH_MAX - 2) {
return http_send_status(fd, S_REQUEST_TOO_LARGE); return http_send_status(fd, S_REQUEST_TOO_LARGE);
} }
if (len && realtarget[len - 1] != '/') { if (len && realtarget[len - 1] != '/') {