authorJune McEnroe <june@causal.agency>2020-11-12 14:03:47 -0500
committerJune McEnroe <june@causal.agency>2020-11-12 14:03:47 -0500
commitfdb9c54455ed4d1c456dd42cbfca44638b8ab6c7 (patch)
tree29ffcb2669320310ebf6c7174d09de64ae5509e5
parentReport paths in unveil errors (diff)
Check bounds of ClientHello extensions length
-rw-r--r--dispatch.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/dispatch.c b/dispatch.c
index c0964e4..624dd40 100644
--- a/dispatch.c
+++ b/dispatch.c
@@ -121,7 +121,9 @@ static char *serverName(void) {
 	skip(uint8());
 	skip(uint16());
 	skip(uint8());
-	peek.len = uint16();
+	uint16_t len = uint16();
+	if (len > peek.len) return NULL;
+	peek.len = len;
 	while (peek.len) {
 		// Extension
 		uint16_t type = uint16();
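Review bot: The added guard bounds only the extensions length, while the three `skip(...)` calls just above it consume lengths read from the same untrusted ClientHello (`uint8()`, `uint16()`, `uint8()`) with no comparison against `peek.len` visible in this hunk. The definitions of `skip()` and the `uint8()`/`uint16()` readers are outside the hunk; if they do not themselves refuse to advance past the peeked bytes, the remaining-length accounting may already be wrong by the time this check runs, so the same test belongs in those helpers or before each skip. The `while (peek.len)` loop continues outside the hunk, and each extension's own length field presumably needs the same comparison before it is skipped or parsed. A short comment above the new `if` would record the intent, e.g. `// Untrusted length: must not exceed the bytes actually peeked.`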