]> granicus.if.org Git - curl/commit
projects / curl / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ae3f838) | patch
vtls: fix potential ssl_buffer stack overflow
authorDaniel Gustafsson <daniel@yesql.se>
Mon, 13 May 2019 18:27:50 +0000 (20:27 +0200)
committerDaniel Gustafsson <daniel@yesql.se>
Mon, 13 May 2019 18:27:50 +0000 (20:27 +0200)
commitb4bb920405a6eb045f9e1fc3b5e05715bca2b0b4
treec999bd16f22f3c87d52134008b82876dbfdeb231tree | snapshot
parentae3f838b9a8b185d98b2a5442a3d220ac9a3a11dcommit | diff
vtls: fix potential ssl_buffer stack overflow

In Curl_multissl_version() it was possible to overflow the passed in
buffer if the generated version string exceeded the size of the buffer.
Fix by inverting the logic, and also make sure to not exceed the local
buffer during the string generation.

Closes #3863
Reported-by: nevv on HackerOne/curl
Reviewed-by: Jay Satiro
Reviewed-by: Daniel Stenberg
lib/vtls/vtls.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.