1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-22 08:08:50 -05:00

James Bursa found an ERRORBUFFFER overflow

This commit is contained in:
Daniel Stenberg 2003-10-26 15:42:21 +00:00
parent 4cccceb034
commit 54c6f2c7c0
2 changed files with 10 additions and 1 deletions

View File

@ -7,6 +7,13 @@
Changelog
Daniel (26 October)
- James Bursa found out that curl_msnprintf() could write the trailing
zero-byte outside its given buffer size. This could happen if you generated
a very long error message as then libcurl would overwrite the ERRORBUFFER
with one byte. Using a non-existing very long local file:// name is one case
that could make this occur.
Daniel (24 October)
- David Hull filed bug report #829827. It identified a problem with -C - if
the full file already was downloaded and thus the server responded with a

View File

@ -24,6 +24,7 @@ This release includes the following changes:
This release includes the following bugfixes:
o a rare ERRORBUFFER single-byte overflow was fixed
o HTTP-resuming an already downloaded file works better
o builds better on Solaris 8+ with gcc
o --disable-eprt works now
@ -81,6 +82,7 @@ advice from friends like these:
Neil Spring, Siddhartha Prakash Jain, Jon Turner, Vincent Bronner, Shard,
Jeremy Friesner, Florian Schoppmann, Neil Dunbar, Frank Ticheler, Lachlan
O'Dea, Dirk Manske, Domenico Andreoli, Gisle Vanem, Kimmo Kinnunen, Andrew
Fuller, Georg Horn, Andrés García, Dylan Ellicott, Kevin Roth, David Hull
Fuller, Georg Horn, Andrés García, Dylan Ellicott, Kevin Roth, David Hull,
James Bursa
Thanks! (and sorry if I forgot to mention someone)