[axel-devel] [axel-Bugs][311178] Buffer overflow in http.c

axel-bugs at alioth.debian.org axel-bugs at alioth.debian.org
Mon Oct 13 21:02:04 UTC 2008


Bugs item #311178, was opened at 2008-10-13 21:02
Status: Open
Priority: 5
Submitted By: Philipp Hagemeister (phihag-guest)
Assigned to: Philipp Hagemeister (phihag-guest)
Summary: Buffer overflow in http.c 


Initial Comment:
In http.c (about line 236, function http_encode), Axel copies an input array of size <=MAX_STRING to one of size MAX_STRING, but translates some characters to multi-byte ones, leading to a buffer overflow that can be exploited by overly long URLs containing spaces. This allows any contacted HTTP server to execute arbitrary code on a system running Axel.

The attached patch fixes the problem.



----------------------------------------------------------------------

You can respond by visiting: 
http://alioth.debian.org/tracker/?func=detail&atid=413085&aid=311178&group_id=100070



More information about the axel-devel mailing list