{"schema":"libjg2-1", "vpath":"/git/", "avatar":"/git/avatar/", "alang":"", "gen_ut":1746161650, "reponame":"libwebsockets", "desc":"libwebsockets lightweight C networking library", "owner": { "name": "Andy Green", "email": "andy@warmcat.com", "md5": "c50933ca2aa61e0fe2c43d46bb6b59cb" },"url":"https://libwebsockets.org/repo/libwebsockets", "f":3, "items": [ {"schema":"libjg2-1", "cid":"7322072104b58957c7d775ebe5f9ffb7", "commit": {"type":"commit", "time": 1509581466, "time_ofs": 480, "oid_tree": { "oid": "c06f854ffbcef997c7db0e4f0936077d0acd9d01", "alias": []}, "oid":{ "oid": "462e449cd6d8083c8f8d10b5c8026136b1a51d34", "alias": []}, "msg": "lws_hdr_copy: protect against garbage", "sig_commit": { "git_time": { "time": 1509581466, "offset": 480 }, "name": "Andy Green", "email": "andy@warmcat.com", "md5": "c50933ca2aa61e0fe2c43d46bb6b59cb" }, "sig_author": { "git_time": { "time": 1509581441, "offset": 480 }, "name": "Andy Green", "email": "andy@warmcat.com", "md5": "c50933ca2aa61e0fe2c43d46bb6b59cb" }}, "body": "lws_hdr_copy: protect against garbage" , "diff": "diff --git a/lib/server/parsers.c b/lib/server/parsers.c\nindex 7109128..2ae188c 100644\n--- a/lib/server/parsers.c\n+++ b/lib/server/parsers.c\n@@ -570,11 +570,15 @@ LWS_VISIBLE int lws_hdr_copy(struct lws *wsi, char *dst, int len,\n \t\treturn 0;\n \n \tdo {\n-\t\tstrcpy(dst,\n-\t\t \u0026wsi-\u003eu.hdr.ah-\u003edata[wsi-\u003eu.hdr.ah-\u003efrags[n].offset]);\n+\t\tif (wsi-\u003eu.hdr.ah-\u003efrags[n].len \u003e\u003d len)\n+\t\t\treturn -1;\n+\t\tstrncpy(dst, \u0026wsi-\u003eu.hdr.ah-\u003edata[wsi-\u003eu.hdr.ah-\u003efrags[n].offset],\n+\t\t wsi-\u003eu.hdr.ah-\u003efrags[n].len);\n \t\tdst +\u003d wsi-\u003eu.hdr.ah-\u003efrags[n].len;\n+\t\tlen -\u003d wsi-\u003eu.hdr.ah-\u003efrags[n].len;\n \t\tn \u003d wsi-\u003eu.hdr.ah-\u003efrags[n].nfrag;\n \t} while (n);\n+\t*dst \u003d '\u005c0';\n \n \treturn toklen;\n }\n","s":{"c":1746161650,"u": 1614}} ],"g": 2305,"chitpc": 0,"ehitpc": 0,"indexed":0 , "ab": 0, "si": 0, "db":0, "di":0, "sat":0, "lfc": "0000"}