Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Potential unsafe operation on data returned from fgets #50

Open
musteresel opened this issue Nov 18, 2024 · 0 comments
Open

Potential unsafe operation on data returned from fgets #50

musteresel opened this issue Nov 18, 2024 · 0 comments

Comments

@musteresel
Copy link

musteresel commented Nov 18, 2024
edited
Loading

wsapi/src/fastcgi/lfcgi.c

Lines 365 to 366 in 8bbfe70

l = strlen(p);
if (p[l-1] != '\n')

The buffer may contain a zero byte; which may even be at the beginning. This causes strlen to return 0, and thus (size_t) 0 - 1 will result in SIZE_MAX and thus cause an out of buffer access

See https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152422
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@musteresel