lorenz.stechauner/sesimos
1
1
Fork 0
Code Issues Pull Requests Projects Releases Activity

Fix array out of bounds for reverse proxy location

Browse Source
This commit is contained in:
Lorenz Stechauner
2022-07-07 20:01:30 +02:00
parent 557e176d3d
commit f0d8a3db4c
1 changed files with 3 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/lib/rev_proxy.c
View File

@ -131,7 +131,7 @@ int rev_proxy_request_header(http_req *req, int enc) {
int rev_proxy_response_header(http_req *req, http_res *res, host_config *conf) { int rev_proxy_response_header(http_req *req, http_res *res, host_config *conf) {
char buf1[256]; char buf1[256];
char buf2[256]; char buf2[256];
int p_len, s_len; int p_len;
char *via = http_get_header_field(&res->hdr, "Via"); char *via = http_get_header_field(&res->hdr, "Via");
p_len = snprintf(buf1, sizeof(buf1), "HTTP/%s %s", req->version, SERVER_NAME); p_len = snprintf(buf1, sizeof(buf1), "HTTP/%s %s", req->version, SERVER_NAME);
@ -153,12 +153,8 @@ int rev_proxy_response_header(http_req *req, http_res *res, host_config *conf) {
char *location = http_get_header_field(&res->hdr, "Location"); char *location = http_get_header_field(&res->hdr, "Location");
if (location != NULL) { if (location != NULL) {
buf2[0] = 0;
s_len = (int) strlen(location);
char *hostnames[] = {conf->name, conf->rev_proxy.hostname}; char *hostnames[] = {conf->name, conf->rev_proxy.hostname};
for (int i = 0; i < sizeof(hostnames) / sizeof(hostnames[0]); i++) {
for (int i = 0; i < sizeof(hostnames); i++) {
char *hostname = hostnames[i]; char *hostname = hostnames[i];
p_len = snprintf(buf1, sizeof(buf1), "http://%s/", hostname); p_len = snprintf(buf1, sizeof(buf1), "http://%s/", hostname);
@ -176,9 +172,8 @@ int rev_proxy_response_header(http_req *req, http_res *res, host_config *conf) {
if (0) { if (0) {
match: match:
snprintf(buf2, sizeof(buf2), "%.*s", s_len - p_len + 1, location + p_len - 1);
http_remove_header_field(&res->hdr, "Location", HTTP_REMOVE_ALL); http_remove_header_field(&res->hdr, "Location", HTTP_REMOVE_ALL);
http_add_header_field(&res->hdr, "Location", buf2); http_add_header_field(&res->hdr, "Location", location + p_len - 1);
} }
} }