Skip to content

Commit

Permalink
Fix buffer overflow downloading large pac file
Browse files Browse the repository at this point in the history 
This fixes CVE CVE-2012-4504
  • Loading branch information
nicolas.dufresne@gmail.com committed Oct 10, 2012
1 parent ffc977c commit c440553
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion libproxy/url.cpp
View file
Expand Up @@ -474,9 +474,10 @@ char* url::get_pac() {
// Add this chunk to our content length,
// ensuring that we aren't over our max size
content_length += chunk_length;
if (content_length >= PAC_MAX_SIZE) break;
}

if (content_length >= PAC_MAX_SIZE) break;

while (recvd != content_length) {
int r = recv(sock, buffer + recvd, content_length - recvd, 0);
if (r < 0) break;
Expand Down

0 comments on commit c440553

Please sign in to comment.