Fixed stack overflow in error.c:msg2()

This commit is contained in:
Gerhard Rieger 2022-07-09 15:50:18 +02:00
parent 15e38be2f5
commit 9502d092a2
2 changed files with 6 additions and 1 deletions

View file

@ -1,4 +1,9 @@
 
Corrections:
In error.c msg2() there was a stack overflow on long messages: The
terminating \0 Byte was written behind the last position.
Thanks to Martin Liška for sending the address sanitizer report.
Porting: Porting:
OpenSSL, at least 1.1 on Ubuntu, crashed with SIGSEGV under certain OpenSSL, at least 1.1 on Ubuntu, crashed with SIGSEGV under certain
conditions: client connection to server with certificate with empty conditions: client connection to server with certificate with empty

View file

@ -318,7 +318,7 @@ void msg2(
struct tm struct_tm; struct tm struct_tm;
#endif #endif
#define BUFLEN 512 #define BUFLEN 512
char buff[BUFLEN], *bufp, *syslp; char buff[BUFLEN+1], *bufp, *syslp;
size_t bytes; size_t bytes;
#if HAVE_CLOCK_GETTIME #if HAVE_CLOCK_GETTIME