From 192e7d55d0b5286b2d7183aae6fb44e3ee380c54 Mon Sep 17 00:00:00 2001 From: Alex R Date: Thu, 7 May 2015 19:13:51 -0700 Subject: [PATCH] Fixed an overflow issue in BinVoucher command line when path to BinVoucher is long enough --- src/http.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/http.c b/src/http.c index 1033b8d..3f4b5d8 100644 --- a/src/http.c +++ b/src/http.c @@ -167,7 +167,6 @@ http_nodogsplash_first_contact(request *r) s_config *config; const char *redir; char *origurl; - char cmd_buff[255]; char *data = NULL; int seconds; @@ -201,6 +200,7 @@ http_nodogsplash_first_contact(request *r) /* Don't serve splash, just authenticate */ http_nodogsplash_callback_action(r,authtarget,AUTH_MAKE_AUTHENTICATED); } else if (config->enable_preauth) { + char cmd_buff[strlen(config->bin_voucher)+strlen(client->mac)+14]; snprintf(cmd_buff, sizeof(cmd_buff) - 1, "%s auth_status %s", config->bin_voucher, client->mac); data = system_exec(cmd_buff); @@ -347,7 +347,7 @@ http_nodogsplash_callback_auth(httpd *webserver, request *r) s_config *config; t_client *client; t_auth_target *authtarget; - char /**ip, *mac,*/ *msg = NULL, cmd_buff[255], *data = NULL; + char /**ip, *mac,*/ *msg = NULL, *data = NULL; int seconds; client = http_nodogsplash_add_client(r); @@ -366,6 +366,7 @@ http_nodogsplash_callback_auth(httpd *webserver, request *r) if (!authtarget->voucher || !http_isAlphaNum(authtarget->voucher)) goto serve_splash; + char cmd_buff[strlen(config->bin_voucher)+strlen(client->mac)+strlen(authtarget->voucher)+16]; snprintf(cmd_buff, sizeof(cmd_buff) - 1, "%s auth_voucher %s %s", config->bin_voucher, client->mac, authtarget->voucher); data = system_exec(cmd_buff);