From: Jann Horn Date: Sun, 4 May 2014 18:35:00 +0000 (+0200) Subject: fix loadmap: prevent stack/heap overlap based exploits X-Git-Url: http://git.thejh.net/?a=commitdiff_plain;h=e0bb37a7fca22a9d6339f5afc5ddafc153cd99d6;hp=-c;p=quakecontrol.git fix loadmap: prevent stack/heap overlap based exploits --- e0bb37a7fca22a9d6339f5afc5ddafc153cd99d6 diff --git a/loadmap.c b/loadmap.c index bc6eb9b..d060a34 100644 --- a/loadmap.c +++ b/loadmap.c @@ -7,6 +7,7 @@ char *map; void check_map_name(void) { if (map == NULL) senderr("missing query string", false); + if (strlen(map) > 100) senderr("map string is too long - no stack/heap overlap issue for you!", false); for (char *p = map; *p; p++) { if (*p >= 'a' && *p <= 'z') continue; if (*p >= 'A' && *p <= 'Z') continue; @@ -29,4 +30,4 @@ int main(void) { "\nX-Frame-Options: DENY" "\n"); exit(0); -} \ No newline at end of file +}