mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-02-17 14:32:04 +08:00
Code Issues Packages Projects Releases Wiki Activity

Ensure a string is properly terminated in http_client.c

Browse Source 
In HTTP_new_bio(), if the host has a trailing '/' we took a copy of the
hostname but failed to terminate it properly.

Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12275)
This commit is contained in:
Matt Caswell 2020-06-25 12:21:07 +01:00
parent 64bb6276d1
commit 5a640713f3
1 changed files with 9 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
crypto/http/http_client.c
View File

@ -712,10 +712,15 @@ static BIO *HTTP_new_bio(const char *server /* optionally includes ":port" */,
}
host_end = strchr(host, '/');
if (host_end != NULL && (size_t)(host_end - host) < sizeof(host_name)) {
/* chop trailing string starting with '/' */
strncpy(host_name, host, host_end - host + 1);
host = host_name;
if (host_end != NULL) {
size_t host_len = host_end - host;
if (host_len < sizeof(host_name)) {
/* chop trailing string starting with '/' */
strncpy(host_name, host, host_len);
host_name[host_len] = '\0';
host = host_name;
}
}
cbio = BIO_new_connect(host /* optionally includes ":port" */);