From 07e879e74c1b14d5ce082155e3274103aa5f1b09 Mon Sep 17 00:00:00 2001
From: QuanTech0 <1337h4x0rname@gmail.com>
Date: Sun, 3 Sep 2017 19:48:28 -0400
Subject: [PATCH] fix buffer overflow in opt_meth_setoption (#496)

---
 src/lua/socket/options.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/lua/socket/options.c b/src/lua/socket/options.c
index a518505014..4ec63afd82 100644
--- a/src/lua/socket/options.c
+++ b/src/lua/socket/options.c
@@ -5,6 +5,7 @@
 * RCS ID: $Id: options.c,v 1.6 2005/11/20 07:20:23 diego Exp $
 \*=========================================================================*/
 #include <string.h> 
+#include <stdlib.h>
 
 #include "auxiliar.h"
 #include "options.h"
@@ -31,9 +32,10 @@ int opt_meth_setoption(lua_State *L, p_opt opt, p_socket ps)
     while (opt->name && strcmp(name, opt->name))
         opt++;
     if (!opt->func) {
-        char msg[45];
+        char* msg = malloc(30+strlen(name));
         sprintf(msg, "unsupported option `%.35s'", name);
         luaL_argerror(L, 2, msg);
+        free(msg);
     }
     return opt->func(L, ps);
 }