libwebsockets

stv0g/libwebsockets

Fork 0

Commit graph

Author	SHA1	Message	Date
Andy Green	b95e7fe466	gcc format strings: http2	2017-02-05 22:46:39 +08:00
Andy Green	a496700b3a	lws_snprintf Thanks to Fabrice Gilot for reporting the problem that led to uncovering this. Due to a misunderstanding of the return value of snprintf (it is not truncated according to the max size passed in) in several places relying on snprintf to truncate the length overflows are possible. This patch wraps snprintf with a new lws_snprintf() which does truncate its length to allow the buffer limiting scheme to work properly. All users should update with these fixes.	2016-09-15 02:22:57 +08:00
Andy Green	014481e912	documentation convert to doxygen Signed-off-by: Andy Green <andy@warmcat.com>	2016-07-14 08:57:27 +08:00

Author

SHA1

Message

Date

Andy Green

b95e7fe466

gcc format strings: http2

2017-02-05 22:46:39 +08:00

Andy Green

a496700b3a

lws_snprintf

Thanks to Fabrice Gilot for reporting the problem that led to uncovering this.

Due to a misunderstanding of the return value of snprintf (it is not truncated according
to the max size passed in) in several places relying on snprintf to truncate the length
overflows are possible.

This patch wraps snprintf with a new lws_snprintf() which does truncate its length to allow
the buffer limiting scheme to work properly.

All users should update with these fixes.

2016-09-15 02:22:57 +08:00

Andy Green

014481e912

documentation convert to doxygen

Signed-off-by: Andy Green <andy@warmcat.com>

2016-07-14 08:57:27 +08:00

3 commits