updates.

author Pekka Riikonen <priikone@silcnet.org>

Tue, 19 Jun 2001 20:58:57 +0000 (20:58 +0000)

committer Pekka Riikonen <priikone@silcnet.org>

Tue, 19 Jun 2001 20:58:57 +0000 (20:58 +0000)
author Pekka Riikonen <priikone@silcnet.org>
Tue, 19 Jun 2001 20:58:57 +0000 (20:58 +0000)
committer Pekka Riikonen <priikone@silcnet.org>
Tue, 19 Jun 2001 20:58:57 +0000 (20:58 +0000)
diff --git a/CHANGES b/CHANGES

index d2d9efbb041b2aaa538e2ee58e5e943d4f160259..85738f14f9bfe1a965ee7e984a31e3f4259a060d 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -10,6 +10,9 @@ Tue Jun 19 22:10:36 EEST 2001  Pekka Riikonen <priikone@poseidon.pspt.fi>
  
           The affected file is lib/silccore/silcpacket.c.
  
+       * Fixed buffer overflow in silc_parse_nickname in the file
+         lib/silcutil/silcutil.c.
+
  Tue Jun 19 13:40:09 CEST 2001  Pekka Riikonen <priikone@poseidon.pspt.fi>
  
         * make install generates new server keys only if there is not
diff --git a/lib/silcutil/silcutil.c b/lib/silcutil/silcutil.c

index 9da9aea45de65065768afe63f0dff48b303eac79..dee8d90b72569c84b565ce5188b9573fc24b6a16 100644 (file)
--- a/lib/silcutil/silcutil.c
+++ b/lib/silcutil/silcutil.c
@@ -364,19 +364,21 @@ int silc_parse_nickname(char *string, char **nickname, char **server,
                         uint32 *num)
  {
    uint32 tlen;
-  char tmp[256];
  
    if (!string)
      return FALSE;
  
    if (strchr(string, '!')) {
+    char *tmp;
      tlen = strcspn(string, "!");
-    memset(tmp, 0, sizeof(tmp));
+    tmp = silc_calloc(tlen + 1, sizeof(*tmp));
      memcpy(tmp, string, tlen);
  
      if (num)
        *num = atoi(tmp);
  
+    silc_free(tmp);
+
      if (tlen >= strlen(string))
        return FALSE;
author	Pekka Riikonen <priikone@silcnet.org>
	Tue, 19 Jun 2001 20:58:57 +0000 (20:58 +0000)
committer	Pekka Riikonen <priikone@silcnet.org>
	Tue, 19 Jun 2001 20:58:57 +0000 (20:58 +0000)
CHANGES		patch \| blob \| history
lib/silcutil/silcutil.c		patch \| blob \| history