scottk/wlan-ap
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/wlan-ap.git synced 2025-10-29 17:42:41 +00:00
Code Issues Packages Projects Releases 10 Wiki Activity

opennds: fix a segfault caused that can be triggered via a bad url parameter

Browse Source 
Fixes: WIFI-6724
Signed-off-by: John Crispin <john@phrozen.org>
This commit is contained in:
John Crispin
2022-02-04 06:47:30 +01:00
parent 27947a07f7
commit b0af666cb4
1 changed files with 13 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
feeds/ucentral/opennds/patches/200-exploits.patch Normal file
View File

@@ -0,0 +1,13 @@
Index: openNDS-9.0.0/src/http_microhttpd.c
===================================================================
--- openNDS-9.0.0.orig/src/http_microhttpd.c
+++ openNDS-9.0.0/src/http_microhttpd.c
@@ -531,7 +531,7 @@ static int try_to_authenticate(struct MH
debug(LOG_DEBUG, "client->token=%s tok=%s ", client->token, tok );
//Check if token (tok) or hash_id (hid) mode
- if (strlen(tok) > 8) {
+ if (tok && strlen(tok) > 8) {
// hid mode
hash_str(hid, sizeof(hid), client->token);
safe_asprintf(&rhidraw, "%s%s", hid, config->fas_key);