review.tizen.org Git - platform/upstream/libwebsockets.git/commit

projects / platform / upstream / libwebsockets.git / commit

author	Andy Green <andy@warmcat.com>
	Wed, 14 Sep 2016 18:22:57 +0000 (02:22 +0800)
committer	Andy Green <andy@warmcat.com>
	Wed, 14 Sep 2016 18:22:57 +0000 (02:22 +0800)
commit	a496700b3a67ccb494385bfb22ebab0027af6e60
tree	1dff9f60e1159c0af9e5da65979df294d149284b	tree \| snapshot
parent	c15714f35a0e059ae33c1959f4059967e04b71d2	commit \| diff

lws_snprintf

Thanks to Fabrice Gilot for reporting the problem that led to uncovering this.

Due to a misunderstanding of the return value of snprintf (it is not truncated according
to the max size passed in) in several places relying on snprintf to truncate the length
overflows are possible.

This patch wraps snprintf with a new lws_snprintf() which does truncate its length to allow
the buffer limiting scheme to work properly.

All users should update with these fixes.

35 files changed:

doc/html/globals_func.html		diff \| blob \| history
doc/html/globals_l.html		diff \| blob \| history
doc/html/group__misc.html		diff \| blob \| history
doc/html/group__misc.js		diff \| blob \| history
doc/html/group__smtp.html		diff \| blob \| history
doc/html/libwebsockets_8h.html		diff \| blob \| history
doc/html/libwebsockets_8h.js		diff \| blob \| history
doc/html/libwebsockets_8h_source.html		diff \| blob \| history
doc/html/navtreedata.js		diff \| blob \| history
doc/html/navtreeindex0.js		diff \| blob \| history
doc/html/navtreeindex1.js		diff \| blob \| history
doc/html/navtreeindex2.js		diff \| blob \| history
doc/html/navtreeindex3.js		diff \| blob \| history
doc/html/navtreeindex4.js		diff \| blob \| history
lib/client-handshake.c		diff \| blob \| history
lib/lejp-conf.c		diff \| blob \| history
lib/libuv.c		diff \| blob \| history
lib/libwebsockets.c		diff \| blob \| history
lib/libwebsockets.h		diff \| blob \| history
lib/lws-plat-esp8266.c		diff \| blob \| history
lib/lws-plat-unix.c		diff \| blob \| history
lib/private-libwebsockets.h		diff \| blob \| history
lib/server.c		diff \| blob \| history
plugins/generic-sessions/handlers.c		diff \| blob \| history
plugins/generic-sessions/protocol_generic_sessions.c		diff \| blob \| history
plugins/generic-sessions/protocol_lws_messageboard.c		diff \| blob \| history
plugins/generic-sessions/utils.c		diff \| blob \| history
plugins/generic-table/protocol_table_dirlisting.c		diff \| blob \| history
plugins/protocol_dumb_increment.c		diff \| blob \| history
plugins/protocol_lws_status.c		diff \| blob \| history
plugins/protocol_post_demo.c		diff \| blob \| history
test-server/test-fraggle.c		diff \| blob \| history
test-server/test-ping.c		diff \| blob \| history
test-server/test-server-http.c		diff \| blob \| history
test-server/test-server-status.c		diff \| blob \| history

Domain: Network & Connectivity / Data Network;

RSS Atom