From e0bb37a7fca22a9d6339f5afc5ddafc153cd99d6 Mon Sep 17 00:00:00 2001
From: Jann Horn <jannhorn@googlemail.com>
Date: Sun, 4 May 2014 20:35:00 +0200
Subject: [PATCH] fix loadmap: prevent stack/heap overlap based exploits

---
 loadmap.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/loadmap.c b/loadmap.c
index bc6eb9b..d060a34 100644
--- a/loadmap.c
+++ b/loadmap.c
@@ -7,6 +7,7 @@ char *map;
 
 void check_map_name(void) {
   if (map == NULL) senderr("missing query string", false);
+  if (strlen(map) > 100) senderr("map string is too long - no stack/heap overlap issue for you!", false);
   for (char *p = map; *p; p++) {
     if (*p >= 'a' && *p <= 'z') continue;
     if (*p >= 'A' && *p <= 'Z') continue;
@@ -29,4 +30,4 @@ int main(void) {
      "\nX-Frame-Options: DENY"
      "\n");
   exit(0);
-}
\ No newline at end of file
+}
-- 
2.20.1