Browse code
fixed proxy buffer overflow
git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@288 77e5149b-7576-45b1-b177-96237e5ba77b
Tomasz Kojm authored on 2004/02/15 20:53:18Showing 2 changed files
| ... | ... |
@@ -1,3 +1,9 @@ |
| 1 |
+Sun Feb 15 12:52:25 CET 2004 (tk) |
|
| 2 |
+--------------------------------- |
|
| 3 |
+ * freshclam: fixed proxy user/pass buffer overflow (it was causing |
|
| 4 |
+ problems with HTTPProxy* directives). Thanks to |
|
| 5 |
+ Bill Maidment <bill*maidment.com.au>. |
|
| 6 |
+ |
|
| 1 | 7 |
Sun Feb 15 08:50:21 GMT 2004 (njh) |
| 2 | 8 |
---------------------------------- |
| 3 | 9 |
* libclamav: added blobClose and blobCmp to reduce likelyhood of scanning the |
| ... | ... |
@@ -359,7 +359,7 @@ struct cl_cvd *remote_cvdhead(const char *file, int socketfd, const char *hostna |
| 359 | 359 |
|
| 360 | 360 |
if(user) {
|
| 361 | 361 |
int len; |
| 362 |
- char* buf = mmalloc(strlen(user)*2+4); |
|
| 362 |
+ char* buf = mmalloc((strlen(pass) + strlen(user)) * 2 + 4); |
|
| 363 | 363 |
char *userpass = mmalloc(strlen(user) + strlen(pass) + 2); |
| 364 | 364 |
sprintf(userpass, "%s:%s", user, pass); |
| 365 | 365 |
len=fmt_base64(buf,userpass,strlen(userpass)); |
| ... | ... |
@@ -457,7 +457,7 @@ int get_database(const char *dbfile, int socketfd, const char *file, const char |
| 457 | 457 |
|
| 458 | 458 |
if(user) {
|
| 459 | 459 |
int len; |
| 460 |
- char* buf = mmalloc(strlen(user)*2+4); |
|
| 460 |
+ char* buf = mmalloc((strlen(pass) + strlen(user)) * 2 + 4); |
|
| 461 | 461 |
char *userpass = mmalloc(strlen(user) + strlen(pass) + 2); |
| 462 | 462 |
sprintf(userpass, "%s:%s", user, pass); |
| 463 | 463 |
len=fmt_base64(buf,userpass,strlen(userpass)); |