Skip to content
Permalink
Browse files Browse the repository at this point in the history
miniwget.c: fixed potential buffer overrun
  • Loading branch information
miniupnp committed Dec 9, 2013
1 parent b0c66c0 commit 3a87aa2
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 1 deletion.
3 changes: 3 additions & 0 deletions miniupnpc/Changelog.txt
@@ -1,6 +1,9 @@
$Id: Changelog.txt,v 1.187 2013/06/06 21:36:39 nanard Exp $
miniUPnP client Changelog.

2013/10/07:
fixed potential buffer overrun in miniwget.c

2013/08/01:
define MAXHOSTNAMELEN if not already done

Expand Down
2 changes: 1 addition & 1 deletion miniupnpc/miniwget.c
Expand Up @@ -162,7 +162,7 @@ getHTTPResponse(int s, int * size)
chunked = 1;
}
}
while(header_buf[i]=='\r' || header_buf[i] == '\n')
while((i < (int)header_buf_used) && (header_buf[i]=='\r' || header_buf[i] == '\n'))
i++;
linestart = i;
colon = linestart;
Expand Down

2 comments on commit 3a87aa2

@maysaxen
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this the patch for CVE-2014-3985

@miniupnp
Copy link
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this the patch for CVE-2014-3985

isn't it obvious from https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3985

Please sign in to comment.