Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
remote null pointer dereference trigger in admin handler #1221
It's possible to trigger NULL pointer dereference in case if request uses POST method with empty body.
If post body is empty then post.buf is NULL and strchr on tmp results in
Proof of concept:
test15 is the admin handler.
found by: Mateusz Kocielski, Michał Dardas from LogicalTrust
Thanks for this very valuable insight. While this only happens when the admin is running, it is obviously bad a practice. When evaluating the code my initial assumption would be that "has_info" should already cover for this, but that only takes care of the headers.