CVS commit by ossi:
fix bug in newline conversion causing buffer overflows.
this leads to segfaults and has some security impact.
M +8 -7 sync.c 1.86
--- isync/src/sync.c #1.85:1.86
@@ -212,5 +212,5 @@ msg_fetched( int sts, void *aux )
SVARS(vars->aux)
char *fmap, *buf;
- int i, len, extra, cra, crd, scr, tcr;
+ int i, len, extra, cra, crd, scr, tcr, crds;
int start, sbreak = 0, ebreak = 0;
char c;
@@ -235,18 +235,19 @@ msg_fetched( int sts, void *aux )
nloop:
start = i;
+ crds = 0;
while (i < len) {
c = fmap[i++];
if (c == '\r')
- extra += crd;
+ crds += crd;
else if (c == '\n') {
- extra += cra;
- if (i - 1 - scr == start) {
- sbreak = ebreak = i - 1
- scr;
- goto oke;
- }
if (!memcmp( fmap + start,
"X-TUID: ", 8 )) {
extra -= (ebreak = i) -
(sbreak = start);
goto oke;
}
+ extra += cra + crds;
+ if (i - 1 - scr == start) {
+ sbreak = ebreak = i - 1
- scr;
+ goto oke;
+ }
goto nloop;
}
-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
isync-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/isync-devel
