[svn] Added Daniel's fix for remotely exploitable buffer overflow vulnerability in NTLM code.

mtortonesi 2005-10-13 02:04:16 -07:00
parent 02e8aa3ac4
commit 4950b4f441
2 changed files with 9 additions and 0 deletions


@ -1,3 +1,7 @@
2005-10-13 Daniel Stenberg <daniel@haxx.se>
* http-ntlm.c (ntlm_output): Fixed buffer overflow vulnerability.
2005-10-09 Russ Allbery <rra@stanford.edu>
* snprintf.c: Remove round to round_int and pow10 to pow10_int, to
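Review bot: The new entry for http-ntlm.c (ntlm_output) says only "Fixed buffer overflow vulnerability", which does not tell a packager or auditor what was unchecked or how it is reached. Suggest naming the cause, for example that the user and domain strings were copied into ntlmbuf without a length check, and stating that it is remotely exploitable as the commit message does, so the ChangeLog alone identifies this as a security fix.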


@ -524,6 +524,11 @@ ntlm_output (struct ntlmdata *ntlm, const char *user, const char *passwd,
size=64;
ntlmbuf[62]=ntlmbuf[63]=0;
/* Make sure that the user and domain strings fit in the target buffer
before we copy them there. */
if(size + userlen + domlen >= sizeof(ntlmbuf))
return NULL;
memcpy(&ntlmbuf[size], domain, domlen);
size += domlen;
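Review bot: The guard `if(size + userlen + domlen >= sizeof(ntlmbuf))` sums the lengths before comparing, so whether it holds for every input depends on the types of userlen and domlen, which are declared outside this hunk. If they are signed ints, an overflowing sum is undefined behaviour, and if they are unsigned it can wrap to a small value that passes the check. Writing it as two subtractions against the remaining space (first `domlen >= sizeof(ntlmbuf) - size`, then userlen against what is left after domlen) keeps the test free of that dependency. Separately, the `return NULL;` path is silent: it is worth confirming that every caller of ntlm_output handles a NULL result, and logging why the NTLM message was not built, since the user otherwise sees only a failed authentication.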