Skip to content
Snippets Groups Projects
Select Git revision
  • master default protected
  • v3.1-stable
  • v2.4-stable
  • v3.0-stable
  • esp32
  • v2.3-stable
  • v2.2-stable
  • v2.1-stable
  • v1.7-stable
  • v2.0-stable
  • v1.6-stable
  • v1.5-stable
  • coverity_scan
  • v3.1.0
  • v3.0.1
  • v3.0.0
  • v2.4.2
  • v2.4.1
  • v2.4.0
  • v2.3.0
  • v2.2.2
  • v2.2.1
  • v2.2.0
  • v2.1.1
  • v2.1.0
  • v2.0.3
  • v1.7.9
  • v2.1-pre3
  • v2.0.2
  • v2.0.1
  • v1.7.8
  • v2.0.0
  • v1.7.7
33 results
Blame Permalink
  • Andy Green's avatar
    a496700b
    lws_snprintf · a496700b
    Andy Green authored 
    Thanks to Fabrice Gilot for reporting the problem that led to uncovering this.

Due to a misunderstanding of the return value of snprintf (it is not truncated according
to the max size passed in) in several places relying on snprintf to truncate the length
overflows are possible.

This patch wraps snprintf with a new lws_snprintf() which does truncate its length to allow
the buffer limiting scheme to work properly.

All users should update with these fixes.
    a496700b
    History
    lws_snprintf
    Andy Green authored 
    Thanks to Fabrice Gilot for reporting the problem that led to uncovering this.

Due to a misunderstanding of the return value of snprintf (it is not truncated according
to the max size passed in) in several places relying on snprintf to truncate the length
overflows are possible.

This patch wraps snprintf with a new lws_snprintf() which does truncate its length to allow
the buffer limiting scheme to work properly.

All users should update with these fixes.
client-handshake.c 19.61 KiB