Changeset 8433


Ignore:
Timestamp:
02/27/13 14:34:26 (9 years ago)
Author:
gf
Message:

webif: Fix possible segfault when template is read from disk.

strstr() can segfault if the data read in the buffer is not \0
terminated. This can happend if try to read binary file.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/module-webif-tpl.c

    r8427 r8433  
    217217        {
    218218            FILE *fp;
    219             char buffer[1024];
     219            char buffer[1025];
    220220            memset(buffer, 0, sizeof(buffer));
    221221            int32_t readen, allocated = 1025, offset, size = 0;
    222222            if (!cs_malloc(&result, allocated)) return NULL;
    223223            if ((fp = fopen(path,"r"))!=NULL) {
    224             while((readen = fread(&buffer,sizeof(char),1024,fp)) > 0) {
     224            // Use as read size sizeof(buffer) - 1 to ensure that buffer is
     225            // zero terminated otherwise strstr can segfault!
     226            while((readen = fread(buffer, 1, sizeof(buffer) - 1, fp)) > 0) {
    225227                offset = 0;
    226228                if (size == 0 && removeHeader) {
Note: See TracChangeset for help on using the changeset viewer.