summary refs log tree commit diff
diff options
context:
space:
mode:
authorJune McEnroe <june@causal.agency>2020-11-12 14:03:47 -0500
committerJune McEnroe <june@causal.agency>2020-11-12 14:03:47 -0500
commitfdb9c54455ed4d1c456dd42cbfca44638b8ab6c7 (patch)
tree29ffcb2669320310ebf6c7174d09de64ae5509e5
parentReport paths in unveil errors (diff)
downloadpounce-fdb9c54455ed4d1c456dd42cbfca44638b8ab6c7.tar.gz
pounce-fdb9c54455ed4d1c456dd42cbfca44638b8ab6c7.zip
Check bounds of ClientHello extensions length
Diffstat
-rw-r--r--dispatch.c4


1 files changed, 3 insertions, 1 deletions
diff --git a/dispatch.c b/dispatch.c
index c0964e4..624dd40 100644
--- a/dispatch.c
+++ b/dispatch.c
@@ -121,7 +121,9 @@ static char *serverName(void) {
 	skip(uint8());
 	skip(uint16());
 	skip(uint8());
-	peek.len = uint16();
+	uint16_t len = uint16();
+	if (len > peek.len) return NULL;
+	peek.len = len;
 	while (peek.len) {
 		// Extension
 		uint16_t type = uint16();

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2026-03-21 21:03:21 +0000


 


=1'>snapshot: use cgit_print_error_page() instead of html_status()John Keeping
2015-08-14plain: use cgit_print_error_page() instead of html_status()John Keeping
2015-08-14clone: use cgit_print_error_page() instead of html_status()John Keeping
2015-08-14cgit: use cgit_print_error_page() where appropriateJohn Keeping
2015-08-14ui-shared: add cgit_print_error_page() functionJohn Keeping
2015-08-14ui-patch: make sure to send http headersChristian Hesse
2015-08-13Makefile: make "git/config.mak.uname" inclusion optionalJohn Keeping
2015-08-13ui-shared: show full date in tooltip if longer ago than max_relativeJohn Keeping
2015-08-13ui-shared: use common function in print_rel_date()John Keeping
2015-08-13ui-shared: extract date formatting to a functionJohn Keeping
2015-08-13filter: don't use dlsym unnecessarilyJohn Keeping
2015-08-13ui-tree: use "sane" isgraph()John Keeping
2015-08-13cgit.h: move stdbool.h from ui-shared.hJohn Keeping
2015-08-13cache.c: fix header orderJohn Keeping
2015-08-13configfile.c: don't include system headers directlyJohn Keeping
2015-08-13Remove redundant includesJohn Keeping
2015-08-13Makefile: include Git's config.mak.unameJohn Keeping
2015-08-13tests: allow shell to be overriddenJohn Keeping
2015-08-13redirect: cleanlinessJason A. Donenfeld
2015-08-13redirect: be more careful for different cgi setupsJason A. Donenfeld
2015-08-12ui-log: fix double countingJohn Keeping
2015-08-12log: allow users to follow a fileJohn Keeping
2015-08-12shared: make cgit_diff_tree_cb publicJohn Keeping
2015-08-12t0110: Chain together using &&Jason A. Donenfeld
2015-08-12about: always ensure page has a trailing slashJason A. Donenfeld
2015-08-12filters: apply HTML escapingLazaros Koromilas
2015-08-12git: update to v2.5.0Christian Hesse
2015-08-12Fix processing of repo.hide and repo.ignoreDaniel Reichelt