git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@288 77e5149b-7576-45b1-b177-96237e5ba77b
Tomasz Kojm authored on 2004/02/15 20:53:18... | ... |
@@ -1,3 +1,9 @@ |
1 |
+Sun Feb 15 12:52:25 CET 2004 (tk) |
|
2 |
+--------------------------------- |
|
3 |
+ * freshclam: fixed proxy user/pass buffer overflow (it was causing |
|
4 |
+ problems with HTTPProxy* directives). Thanks to |
|
5 |
+ Bill Maidment <bill*maidment.com.au>. |
|
6 |
+ |
|
1 | 7 |
Sun Feb 15 08:50:21 GMT 2004 (njh) |
2 | 8 |
---------------------------------- |
3 | 9 |
* libclamav: added blobClose and blobCmp to reduce likelyhood of scanning the |
... | ... |
@@ -359,7 +359,7 @@ struct cl_cvd *remote_cvdhead(const char *file, int socketfd, const char *hostna |
359 | 359 |
|
360 | 360 |
if(user) { |
361 | 361 |
int len; |
362 |
- char* buf = mmalloc(strlen(user)*2+4); |
|
362 |
+ char* buf = mmalloc((strlen(pass) + strlen(user)) * 2 + 4); |
|
363 | 363 |
char *userpass = mmalloc(strlen(user) + strlen(pass) + 2); |
364 | 364 |
sprintf(userpass, "%s:%s", user, pass); |
365 | 365 |
len=fmt_base64(buf,userpass,strlen(userpass)); |
... | ... |
@@ -457,7 +457,7 @@ int get_database(const char *dbfile, int socketfd, const char *file, const char |
457 | 457 |
|
458 | 458 |
if(user) { |
459 | 459 |
int len; |
460 |
- char* buf = mmalloc(strlen(user)*2+4); |
|
460 |
+ char* buf = mmalloc((strlen(pass) + strlen(user)) * 2 + 4); |
|
461 | 461 |
char *userpass = mmalloc(strlen(user) + strlen(pass) + 2); |
462 | 462 |
sprintf(userpass, "%s:%s", user, pass); |
463 | 463 |
len=fmt_base64(buf,userpass,strlen(userpass)); |