civetweb.c: check for array boundary before read

Added assert to while loop to make sure not to read over the array boundary.

Fix for Coverity issue from Ceph project:

CID 1160832 (#1 of 1): Out-of-bounds read (OVERRUN_STATIC)
 37. overrun-local: Overrunning static array "buf", with 8192
 elements, at position 8192 with index variable "len".

Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>
Danny Al-Gaaf 11 years ago
parent
commit
6427a56977
1 changed files with 1 additions and 0 deletions

src/civetweb.c

@@ -5325,6 +5325,7 @@ int mg_upload(struct mg_connection *conn, const char *destination_dir)
         assert(len >= 0 && len <= (int) sizeof(buf));
         while ((n = mg_read(conn, buf + len, sizeof(buf) - len)) > 0) {
             len += n;
+            assert(len <= (int) sizeof(buf));
         }
         if ((headers_len = get_request_len(buf, len)) <= 0) {
             break;
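
Review bot: The added `assert(len <= (int) sizeof(buf));` inside the `while` loop still accepts `len == sizeof(buf)`, which is exactly the position 8192 that the Coverity report in the commit message flags for the 8192-element `buf`, so any later access that indexes `buf[len]` is not excluded by this check. It is also an `assert`, so it is compiled out when NDEBUG is defined and gives no protection in release builds. Since `mg_read` is already called with `sizeof(buf) - len` as its limit, the assert documents an invariant rather than enforcing one. Consider a real runtime check instead, for example leaving the loop (or failing the upload) once `len >= (int) sizeof(buf)`, or passing `sizeof(buf) - len - 1` to `mg_read` if a terminator or a read at `buf[len]` is needed afterwards, and add a short comment stating which bound the code after the loop relies on.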