* Initial approach to RESTful controller.

Fix security issues in fstring handling.
author: Vsevolod Stakhov <vsevolod@rambler-co.ru> 2012-09-14 20:59:23 +0400
committer: Vsevolod Stakhov <vsevolod@rambler-co.ru> 2012-09-14 20:59:23 +0400
commit: 2d81eded1e64737d2ecca278efc2a84be7dbd8f5 (patch)
tree: f9eab401bca807461a76911bcf0199bdb27f8e6d /src/fstring.c
parent: ea68f17ec2f7bffbb8db9000a05d7208fb611204 (diff)
download: rspamd-2d81eded1e64737d2ecca278efc2a84be7dbd8f5.tar.gz
rspamd-2d81eded1e64737d2ecca278efc2a84be7dbd8f5.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/src/fstring.c b/src/fstring.c
index 07b5546a0..9f17ac861 100644
--- a/src/fstring.c
+++ b/src/fstring.c
@@ -218,7 +218,8 @@ fstrcstr (f_str_t * str, memory_pool_t * pool)
 	gchar                           *res;
 	res = memory_pool_alloc (pool, str->len + 1);
 
-	memcpy (res, str->begin, str->len);
+	/* Do not allow multiply \0 characters */
+	memccpy (res, str->begin, '\0', str->len);
 	res[str->len] = 0;
 
 	return res;
author	Vsevolod Stakhov <vsevolod@rambler-co.ru>	2012-09-14 20:59:23 +0400
committer	Vsevolod Stakhov <vsevolod@rambler-co.ru>	2012-09-14 20:59:23 +0400
commit	2d81eded1e64737d2ecca278efc2a84be7dbd8f5 (patch)
tree	f9eab401bca807461a76911bcf0199bdb27f8e6d /src/fstring.c
parent	ea68f17ec2f7bffbb8db9000a05d7208fb611204 (diff)
download	rspamd-2d81eded1e64737d2ecca278efc2a84be7dbd8f5.tar.gz rspamd-2d81eded1e64737d2ecca278efc2a84be7dbd8f5.zip