[axel-commits] r54 - /branches/2.x/CHANGES /branches/2.x/axel.h /branches/2.x/http.c /trunk/CHANGES /trunk/axel.h /trunk/http.c
phihag-guest at users.alioth.debian.org
phihag-guest at users.alioth.debian.org
Mon Oct 13 21:06:40 UTC 2008
Author: phihag-guest
Date: Mon Oct 13 21:06:39 2008
New Revision: 54
URL: http://svn.debian.org/wsvn/axel/?sc=1&rev=54
Log:
Fix buffer overflow in http.c (Closes: #311178)
Modified:
branches/2.x/CHANGES
branches/2.x/axel.h
branches/2.x/http.c
trunk/CHANGES
trunk/axel.h
trunk/http.c
Modified: branches/2.x/CHANGES
URL: http://svn.debian.org/wsvn/axel/branches/2.x/CHANGES?rev=54&op=diff
==============================================================================
--- branches/2.x/CHANGES (original)
+++ branches/2.x/CHANGES Mon Oct 13 21:06:39 2008
@@ -1,3 +1,7 @@
+Version 2.2:
+
+- Fix a buffer overflow in http.c:http_encode.
+
Version 2.1:
- Fix version string. 2.0 still reported 1.1, thanks Ajay R Ramjatan
Modified: branches/2.x/axel.h
URL: http://svn.debian.org/wsvn/axel/branches/2.x/axel.h?rev=54&op=diff
==============================================================================
--- branches/2.x/axel.h (original)
+++ branches/2.x/axel.h Mon Oct 13 21:06:39 2008
@@ -67,7 +67,7 @@
#define MAX_STRING 1024
#define MAX_ADD_HEADERS 10
#define MAX_REDIR 5
-#define AXEL_VERSION_STRING "2.1"
+#define AXEL_VERSION_STRING "2.2"
#define USER_AGENT "Axel " AXEL_VERSION_STRING " (" ARCH ")"
typedef struct
Modified: branches/2.x/http.c
URL: http://svn.debian.org/wsvn/axel/branches/2.x/http.c?rev=54&op=diff
==============================================================================
--- branches/2.x/http.c (original)
+++ branches/2.x/http.c Mon Oct 13 21:06:39 2008
@@ -236,9 +236,19 @@
for( i = j = 0; s[i]; i ++, j ++ )
{
+ /* Fix buffer overflow */
+ if (j >= MAX_STRING - 1) {
+ break;
+ }
+
t[j] = s[i];
if( s[i] == ' ' )
{
+ /* Fix buffer overflow */
+ if (j >= MAX_STRING - 3) {
+ break;
+ }
+
strcpy( t + j, "%20" );
j += 2;
}
Modified: trunk/CHANGES
URL: http://svn.debian.org/wsvn/axel/trunk/CHANGES?rev=54&op=diff
==============================================================================
--- trunk/CHANGES (original)
+++ trunk/CHANGES Mon Oct 13 21:06:39 2008
@@ -1,3 +1,7 @@
+Version 2.2:
+
+- Fix a buffer overflow in http.c:http_encode.
+
Version 2.1:
- Fix version string. 2.0 still reported 1.1, thanks Ajay R Ramjatan
Modified: trunk/axel.h
URL: http://svn.debian.org/wsvn/axel/trunk/axel.h?rev=54&op=diff
==============================================================================
--- trunk/axel.h (original)
+++ trunk/axel.h Mon Oct 13 21:06:39 2008
@@ -67,7 +67,7 @@
#define MAX_STRING 1024
#define MAX_ADD_HEADERS 10
#define MAX_REDIR 5
-#define AXEL_VERSION_STRING "2.1"
+#define AXEL_VERSION_STRING "2.99.0"
#define DEFAULT_USER_AGENT "Axel " AXEL_VERSION_STRING " (" ARCH ")"
typedef struct
Modified: trunk/http.c
URL: http://svn.debian.org/wsvn/axel/trunk/http.c?rev=54&op=diff
==============================================================================
--- trunk/http.c (original)
+++ trunk/http.c Mon Oct 13 21:06:39 2008
@@ -235,9 +235,19 @@
for( i = j = 0; s[i]; i ++, j ++ )
{
+ /* Fix buffer overflow */
+ if (j >= MAX_STRING - 1) {
+ break;
+ }
+
t[j] = s[i];
if( s[i] == ' ' )
{
+ /* Fix buffer overflow */
+ if (j >= MAX_STRING - 3) {
+ break;
+ }
+
strcpy( t + j, "%20" );
j += 2;
}
More information about the axel-commits
mailing list