diff options
author | Sergey Poznyakoff <gray@gnu.org.ua> | 2020-03-06 10:55:08 +0200 |
---|---|---|
committer | Sergey Poznyakoff <gray@gnu.org.ua> | 2020-03-06 10:55:08 +0200 |
commit | 9358876eb9b42408cef571052c6e997aa77f0c77 (patch) | |
tree | 8445bcf73475d70801d747929c3e8dc1bd185c15 | |
parent | 12aed15948173c9b858f5bcc657985158ef6c9db (diff) | |
download | ping903-9358876eb9b42408cef571052c6e997aa77f0c77.tar.gz ping903-9358876eb9b42408cef571052c6e997aa77f0c77.tar.bz2 |
Bugfix
* src/ping903.c (try_auth): Fix memory overrun.
-rw-r--r-- | src/ping903.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/ping903.c b/src/ping903.c index 549f42e..5a0994f 100644 --- a/src/ping903.c +++ b/src/ping903.c @@ -839,7 +839,7 @@ try_auth(struct MHD_Connection *conn, const char *url, const char *method, char *p; char const *q; - url_len = strcspn(url, "?"); + url_len = strlen(url); while (url_len > 1 && url[url_len-1] == '/') --url_len; url_buf = malloc(url_len + 1); @@ -854,7 +854,7 @@ try_auth(struct MHD_Connection *conn, const char *url, const char *method, p = url_buf; q = url; while (*q) { - if (!(*q == '/' && q > url && q[-1] == '/')) + if (!(*q == '/' && (q[1] == 0 || (q > url && q[-1] == '/')))) *p++ = *q; q++; } |