blob: 0797ab9b171fe0dfb8f516a156a315753f13ae99 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
$NetBSD: patch-cgi_trends.c,v 1.1 2014/04/02 10:22:37 he Exp $
Fix off-by-one vulnerabilities, ref. http://secunia.com/advisories/55976/
--- cgi/trends.c.orig 2011-08-17 07:36:27.000000000 +0000
+++ cgi/trends.c
@@ -1271,7 +1271,6 @@ int process_cgivars(void) {
/* do some basic length checking on the variable identifier to prevent buffer overflows */
if(strlen(variables[x]) >= MAX_INPUT_BUFFER - 1) {
- x++;
continue;
}
|