blob: 4e2157ca75d18c8a135936efc8fd5f62131c5ec6 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
|
From 3764b8551463b900b5b4e3ec0cd9bb9182191cb7 Mon Sep 17 00:00:00 2001
From: rofl0r <rofl0r@users.noreply.github.com>
Date: Thu, 8 Sep 2022 15:18:04 +0000
Subject: [PATCH] prevent junk from showing up in error page in invalid
requests
fixes #457
https://github.com/tinyproxy/tinyproxy/commit/3764b8551463b900b5b4e3ec0cd9bb9182191cb7
Upstream-Status: Backport
CVE: CVE-2022-40468
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
---
src/reqs.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/reqs.c b/src/reqs.c
index bce69819..45db118d 100644
--- a/src/reqs.c
+++ b/src/reqs.c
@@ -343,8 +343,12 @@ static struct request_s *process_request (struct conn_s *connptr,
goto fail;
}
+ /* zero-terminate the strings so they don't contain junk in error page */
+ request->method[0] = url[0] = request->protocol[0] = 0;
+
ret = sscanf (connptr->request_line, "%[^ ] %[^ ] %[^ ]",
request->method, url, request->protocol);
+
if (ret == 2 && !strcasecmp (request->method, "GET")) {
request->protocol[0] = 0;
|
