Ticket #89 (closed defect: fixed)

Opened 6 years ago

Last modified 6 years ago

Memory buffer overflow

Reported by: Knut Landmark
Owned by:
Priority: major
Milestone:
Component: zoo-kernel
Version:
Keywords:
Cc:

Description

The following code in service_internal.c (from line 2006, revision 456) generates errors (on Windows 7 platform) due to insufficient memory allocation (malloc needs to allocate bytes for the forward slash characters in the URLs, lines 2007 and 2010).

	if(strncasecmp(tmp2->value,"http://",7)==0){
	  file_url=(char*)malloc((strlen(tmp2->value)+strlen(file_name))*sizeof(char));
	  sprintf(file_url,"%s/%s",tmp2->value,file_name);
	}else{
	  file_url=(char*)malloc((strlen(tmp3->value)+strlen(tmp2->value)+strlen(file_name))*sizeof(char));
	  sprintf(file_url,"%s/%s/%s",tmp3->value,tmp2->value,file_name);
	}

Possibly, the if statement should also be modified to take into account the https protocol.
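The shortfall described in this ticket, worked through as an added example (not part of the ticket and not the change made in r458): it compares the bytes the quoted malloc calls request with the bytes sprintf writes, then builds the URL from a measured allocation. The helper names, the parameter mapping (server for tmp3->value, path for tmp2->value) and the https:// check are assumptions.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h> /* strncasecmp (POSIX) */

/* Bytes requested by the malloc calls quoted in the ticket: strlen sums only.
   base == NULL selects the two-part "%s/%s" branch. */
size_t ticket_alloc_size(const char *base, const char *path, const char *file) {
    return (base ? strlen(base) : 0) + strlen(path) + strlen(file);
}

/* Bytes sprintf really writes: the strings, each '/' separator, and the NUL. */
size_t needed_size(const char *base, const char *path, const char *file) {
    int n = base ? snprintf(NULL, 0, "%s/%s/%s", base, path, file)
                 : snprintf(NULL, 0, "%s/%s", path, file);
    return n < 0 ? 0 : (size_t)n + 1;
}

/* Hypothetical helper: server ~ tmp3->value, path ~ tmp2->value (assumed).
   Returns a malloc'd string the caller frees, or NULL on failure. */
char *build_file_url(const char *server, const char *path, const char *file) {
    /* Accepting https:// is the reporter's suggestion, assumed here. */
    int absolute = strncasecmp(path, "http://", 7) == 0 ||
                   strncasecmp(path, "https://", 8) == 0;
    const char *base = absolute ? NULL : server;
    size_t size = needed_size(base, path, file);
    char *url = size ? malloc(size) : NULL;
    if (url == NULL)
        return NULL;
    if (base)
        snprintf(url, size, "%s/%s/%s", base, path, file);
    else
        snprintf(url, size, "%s/%s", path, file);
    return url;
}

int main(void) {
    /* Constructed sample values, not taken from the ticket. */
    const char *server = "http://host", *path = "tmp", *file = "out.xml";
    char *url = build_file_url(server, path, file);
    printf("ticket allocates %zu bytes, sprintf writes %zu\n",
           ticket_alloc_size(server, path, file), needed_size(server, path, file));
    printf("%s\n", url ? url : "(allocation failed)");
    free(url);
    return 0;
}
```

The two-part branch comes up 2 bytes short (one slash plus the terminating NUL) and the three-part branch 3 bytes short, which is why the overflow is small enough to go unnoticed on some allocators.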

Change History

Changed 6 years ago by djay

  • status changed from new to closed
  • resolution set to fixed

This should be fixed in r458.

Thanks for your help.
