diff options
| author | thierry1970 <thierry@ordissimo.com> | 2020-02-11 18:19:54 +0100 |
|---|---|---|
| committer | thierry1970 <thierry@ordissimo.com> | 2020-02-11 18:19:54 +0100 |
| commit | ae611d7b5a0afc7c59972f673d2b14ac7054c6f0 (patch) | |
| tree | a74e59ea7b925e8e7dd092d3343371289d2717d1 | |
| parent | a9b653e9a5975c6fdfc6a185a6941bdcf7bbda7d (diff) | |
Fix memory overflow.
| -rw-r--r-- | src/capabilities.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/src/capabilities.c b/src/capabilities.c index c3b4b98..3c65198 100644 --- a/src/capabilities.c +++ b/src/capabilities.c @@ -18,6 +18,8 @@ struct cap size_t size; }; +#define SIZE_DATA 32784 + typedef void (*fct_parcours_t)(xmlNodePtr, ippScanner *ippscanner); void parcours_prefixe(xmlNodePtr noeud, fct_parcours_t f, ippScanner *ippscanner); @@ -201,7 +203,7 @@ http_request(const char *hostname, const char *ressource, int port, int *size_da { http_t *http = NULL; /* HTTP connection */ http_status_t status = HTTP_STATUS_OK; /* Status of GET command */ - char buffer[8192]; /* Input buffer */ + char buffer[SIZE_DATA] = { 0 }; /* Input buffer */ long bytes; /* Number of bytes read */ off_t total; /* Total bytes */ const char *encoding; /* Negotiated Content-Encoding */ @@ -236,13 +238,14 @@ http_request(const char *hostname, const char *ressource, int port, int *size_da total = 0; - while ((bytes = httpRead2(http, buffer, sizeof(buffer))) > 0) + while ((bytes = httpRead2(http, buffer, (SIZE_DATA - 1))) > 0) { char *str = realloc(memory, total + bytes + 1); memory = str; memcpy(&(memory[total]), buffer, bytes); total += bytes; memory[total] = 0; + memset(buffer, 0, SIZE_DATA); } tmp = (char *)strstr(memory, "<?xml version"); if (tmp) |