AMajor/SoftEtherVPN
1
0
Fork 0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2024-09-13 07:13:00 +03:00
Code Releases Activity

Merge pull request #1829 from chipitsine/master

Browse Source 
src/Mayaqua/Str.c: fix denial of service reported by Cisco Talos
This commit is contained in:
Ilya Shipitsin 2023-04-22 08:26:47 +02:00 committed by GitHub
commit 8fc27da780
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/Mayaqua/Str.c
View File

@ -2062,11 +2062,11 @@ void EnSafeHttpHeaderValueStr(char *str, char replace)
length = StrLen(str);
while (index < length)
{
if (str[index] == '\r' || str[index] == '\n')
if ((str[index] == '\r' || str[index] == '\n') && length - index > 1)
{
if (replace == ' ')
{
Move(&str[index], &str[index + 1], length - index);
Move(&str[index], &str[index + 1], length - index - 1);
}
else
{
@ -2075,12 +2075,12 @@ void EnSafeHttpHeaderValueStr(char *str, char replace)
}
else if (str[index] == '\\')
{
if (str[index + 1] == 'r' || str[index + 1] == 'n')
if ((str[index + 1] == 'r' || str[index + 1] == 'n') && length - index > 2)
{
if (replace == ' ')
{
Move(&str[index], &str[index + 2], length - index);
index--;
Move(&str[index], &str[index + 2], length - index - 2);
index++;
}
else
{