From 1929f3a6c03dd882b6df8a129e1afa01f812544f Mon Sep 17 00:00:00 2001
From: Andy Green <andy@warmcat.com>
Date: Sat, 13 Jul 2019 11:51:45 -0700
Subject: [PATCH] COVA11597: buffer http_proxy env var before using

---
 lib/core-net/vhost.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/lib/core-net/vhost.c b/lib/core-net/vhost.c
index 069252325..013acd52b 100644
--- a/lib/core-net/vhost.c
+++ b/lib/core-net/vhost.c
@@ -436,7 +436,7 @@ lws_create_vhost(struct lws_context *context,
 #endif
 	struct lws_protocols *lwsp;
 	int m, f = !info->pvo, fx = 0, abs_pcol_count = 0;
-	char buf[20];
+	char buf[96];
 #if !defined(LWS_WITHOUT_CLIENT) && defined(LWS_HAVE_GETENV)
 	char *p;
 #endif
@@ -694,8 +694,11 @@ lws_create_vhost(struct lws_context *context,
 	{
 #ifdef LWS_HAVE_GETENV
 		p = getenv("http_proxy");
-		if (p && strlen(p) > 0 && strlen(p) < 95)
-			lws_set_proxy(vh, p);
+		if (p) {
+			lws_strncpy(buf, p, sizeof(buf));
+
+			lws_set_proxy(vh, buf);
+		}
 #endif
 	}
 #endif