[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[gurlchecker-users] Re: [gurlchecker] crash of 0.6.0-pre2
From: |
Emmanuel Saracco |
Subject: |
[gurlchecker-users] Re: [gurlchecker] crash of 0.6.0-pre2 |
Date: |
04 Aug 2003 18:42:48 +0200 |
Le lun 04/08/2003 à 18:13, James Antill a écrit :
[...]
> Adding some tracers (gdb couldn't give a backtrace), I can see that
> it dies on this line...
>
> tb->attr = uc_html_parser_get_attributes (tmp);
>
> ...and it seems there is a buffer overflow, this fixes my crash...
>
> diff -ru orig/gurlchecker-0.6.0pre2/src/html_parser.c
> gurlchecker-0.6.0pre2/src/html_parser.c
> --- orig/gurlchecker-0.6.0pre2/src/html_parser.c 2003-08-03
> 18:07:03.000000000 -0400
> +++ gurlchecker-0.6.0pre2/src/html_parser.c 2003-08-04 12:10:41.000000000
> -0400
> @@ -449,7 +449,7 @@
> html_tag = uc_html_parser_node_new (uc_utils_strdup_delim (tag, end));
>
> tag += (end - tag) + 1;
> - while (*tag)
> + while (*tag && (i < BUFFER_URL_LEN))
> {
> switch (*tag)
> {
thanks a lot for your patch :-) it is great if it fix your problem.
> *cough* hyttp://www.and.org/vstr/security.html *cough*
very interesting wand usefull work.
bye
--
Emmanuel Saracco - address@hidden
http://emmanuel.saracco.free.fr