Skip to content

M
mpd
Commit 4b81cf0c authored by cathugger's avatar cathugger Committed by Max Kellermann
Browse files
Options

output/httpd: use strncmp instead of memcmp

memcmp use may result in out of bounds access
parent e7acbf11
Show whitespace changes
Inline Side-by-side
Showing with 3 additions and 3 deletions
src/output/plugins/httpd/HttpdClient.cxx
View file @ 4b81cf0c
...@@ -71,10 +71,10 @@ HttpdClient::HandleLine(const char *line) noexcept ...@@ -71,10 +71,10 @@ HttpdClient::HandleLine(const char *line) noexcept
assert(state != State::RESPONSE); assert(state != State::RESPONSE);
if (state == State::REQUEST) { if (state == State::REQUEST) {
if (memcmp(line, "HEAD /", 6) == 0) { if (strncmp(line, "HEAD /", 6) == 0) {
line += 6; line += 6;
head_method = true; head_method = true;
} else if (memcmp(line, "GET /", 5) == 0) { } else if (strncmp(line, "GET /", 5) == 0) {
line += 5; line += 5;
} else { } else {
/* only GET is supported */ /* only GET is supported */
...@@ -84,7 +84,7 @@ HttpdClient::HandleLine(const char *line) noexcept ...@@ -84,7 +84,7 @@ HttpdClient::HandleLine(const char *line) noexcept
} }
line = strchr(line, ' '); line = strchr(line, ' ');
if (line == nullptr || memcmp(line + 1, "HTTP/", 5) != 0) { if (line == nullptr || strncmp(line + 1, "HTTP/", 5) != 0) {
/* HTTP/0.9 without request headers */ /* HTTP/0.9 without request headers */
if (head_method) if (head_method)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment