Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-12 11:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Fix out-of-bounds memory accesses.

Browse source 
And remove a variable-length-array usage.
This commit is contained in:
Jon Siwek 2013-09-13 15:05:17 -05:00
parent 5a992879a0
commit 3d81432a1e
2 changed files with 5 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

6
src/analyzer/protocol/pop3/POP3.cc
View file

@ -80,7 +80,7 @@ void POP3_Analyzer::DeliverStream(int len, const u_char* data, bool orig)
static string trim_whitespace(const char* in)
{
int n = strlen(in);
char out[n];
char* out = new char[n + 1];
char* out_p = out;
in = skip_whitespace(in);
@ -112,7 +112,9 @@ static string trim_whitespace(const char* in)
*out_p = 0;
return string(out);
string rval(out);
delete [] out;
return rval;
}
void POP3_Analyzer::ProcessRequest(int length, const char* line)

2
src/input/Manager.cc
View file

@ -2045,7 +2045,7 @@ int Manager::CopyValue(char *data, const int startpos, const Value* val)
case IPv6:
length = sizeof(val->val.addr_val.in.in6);
memcpy(data + startpos,
(const char*) &(val->val.subnet_val.prefix.in.in4), length);
(const char*) &(val->val.subnet_val.prefix.in.in6), length);
break;
default: