New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
An unsafe operation is found in the S2J_STRUCT_GET_string_ELEMENT function #13
Comments
|
字符串的话,是否要修改成:sizeof是否要-1: |
|
CVE-2020-29203 was assigned to this issue. |
|
Thanks for your feedback, can you submit a PR for it? |
It's my first time to submit a PR, so please check my work carefully...And thank you for giving me this chance! |
Good job. Thank you for your contribution, PR has been merged |
struct2json
Vulnerability Analysis
An unsafe operation is found in the
S2J_STRUCT_GET_string_ELEMENTfunction. Thestrcpyfunction is used to copyJSON->valueto thestruct, which may cause overflow whenJSON->valueis longer than structure defined array size.POC
Run:
Suggestion
Use
strncpyinstead ofstrcpyto control the length ofJSON->value:After modification:
The text was updated successfully, but these errors were encountered: