generic-library/libupnp
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Replace strcpy with strncpy in get_hoststr

Browse Source 
Replace strcpy with strncpy to avoid buffer overflow.
This commit is contained in:
Fabrice Fontaine
2012-03-08 17:23:46 +01:00
parent eb16f52b1a
commit 666bc7392b
2 changed files with 8 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
ChangeLog
View File

@@ -2,6 +2,12 @@
Version 1.8.0 Version 1.8.0
******************************************************************************* *******************************************************************************
2012-03-08 Fabrice Fontaine <fabrice.fontaine(at)orange-ftgroup.com>
Replace strcpy with strncpy in get_hoststr
Replace strcpy with strncpy to avoid buffer overflow.
2012-03-08 Fabrice Fontaine <fabrice.fontaine(at)orange-ftgroup.com> 2012-03-08 Fabrice Fontaine <fabrice.fontaine(at)orange-ftgroup.com>
Memory leak fix in handle_query_variable Memory leak fix in handle_query_variable

3
upnp/src/genlib/net/http/httpreadwrite.c
View File

@@ -169,7 +169,8 @@ static int get_hoststr(const char* url_str,
{ {
char *urlPath = alloca(strlen(url_str) + 1); char *urlPath = alloca(strlen(url_str) + 1);
char *temp; char *temp;
strcpy(urlPath, url_str); memset(urlPath, 0, strlen(url_str) + 1);
strncpy(urlPath, url_str, strlen(url_str));
*hoststr = strstr(urlPath, "//"); *hoststr = strstr(urlPath, "//");
if (*hoststr == NULL) if (*hoststr == NULL)
return UPNP_E_INVALID_URL; return UPNP_E_INVALID_URL;