When sending large data to the get_http_param_value function in httpParser, there is no check for whether the length of the parameter value is larger than the buffer created in ret[BUFPUB]. This can result in buffer overruns when the data is copied to the buffer with strncpy.
A short-term solution is to change
if(len)
to
if(len && len <= sizeof(BUFPUB))
on line 233.
However, this just fails to parse the data correctly and doesn't return an error message to the user.
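A bounded extraction that rejects an oversized value and tells the caller why, so the server can answer with an error instead of parsing silently wrong data. This is an added example, not the project's code: `copy_param_value`, the `param_status` codes and the caller-supplied buffer are assumptions, and URL-unescaping is left out.

```c
#include <stddef.h>
#include <string.h>

enum param_status { PARAM_OK = 0, PARAM_NOT_FOUND = -1, PARAM_TOO_LONG = -2 };

/* Hypothetical helper: copy the value of `name` from a form-encoded body
 * ("k1=v1&k2=v2") into `out`, whose capacity is `out_size` bytes.
 * An oversized value is rejected, not truncated, so the caller can
 * report the failure instead of using partial data. */
static enum param_status copy_param_value(const char *body, const char *name,
                                          char *out, size_t out_size)
{
    size_t name_len;
    const char *p;

    if (!body || !name || !out || out_size == 0) return PARAM_NOT_FOUND;
    out[0] = '\0';                      /* defined content on every path */
    name_len = strlen(name);
    if (name_len == 0) return PARAM_NOT_FOUND;

    for (p = body; (p = strstr(p, name)) != NULL; p += name_len) {
        const char *val, *end;
        size_t len;

        /* Accept only a whole key: at the start or after '&', then '='. */
        if ((p != body && p[-1] != '&') || p[name_len] != '=') continue;

        val = p + name_len + 1;
        end = strchr(val, '&');
        len = end ? (size_t)(end - val) : strlen(val);

        /* The buffer must hold len bytes plus the terminating NUL. */
        if (len >= out_size) return PARAM_TOO_LONG;

        memcpy(out, val, len);
        out[len] = '\0';
        return PARAM_OK;
    }
    return PARAM_NOT_FOUND;
}

int main(void)
{
    char buf[8];
    /* Constructed input: a 16-byte value against an 8-byte buffer. */
    return copy_param_value("id=1&name=AAAAAAAAAAAAAAAA", "name", buf, sizeof buf)
           == PARAM_TOO_LONG ? 0 : 1;
}
```

The comparison is `len >= out_size` rather than `len > out_size` because a value exactly as long as the buffer would leave no room for the terminator.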