Fix query buffer overflow

author: Andrey A. Chernov <ache@FreeBSD.org> 2002-05-15 08:52:48 +0000
committer: Andrey A. Chernov <ache@FreeBSD.org> 2002-05-15 08:52:48 +0000
commit: f2079b3a0011233f0078e1b59df65b897862fd39 (patch)
tree: 28f34a7d8f1364cc18b7020463c89dadfe000e3f /www/mnogosearch31/files/patch-ac
parent: Update to patch 9.2zc. The new patches contain mostly fixes for (diff)
1 files changed, 14 insertions, 3 deletions
diff --git a/www/mnogosearch31/files/patch-ac b/www/mnogosearch31/files/patch-ac
index 1fbce5bd52ef..673785c743f0 100644
--- a/www/mnogosearch31/files/patch-ac
+++ b/www/mnogosearch31/files/patch-ac
@@ -1,6 +1,6 @@
---- src/search.c.bak	Tue May 15 13:08:14 2001
-+++ src/search.c	Fri May 18 16:22:44 2001
-@@ -1239,7 +1239,7 @@
+--- src/search.c.orig	Tue Jun 26 12:55:17 2001
++++ src/search.c	Wed May 15 11:29:07 2002
+@@ -1246,7 +1246,7 @@
  int i;
  time_t tclock;
  	tclock=time(0);
@@ -9,3 +9,14 @@
  	for(i=0;i<MAXRANDOM;i++)
  		Randoms[i]=0;
  }
+@@ -1404,6 +1404,10 @@
+ 		if(!UDM_STRNCMP(token,"q=")){
+ 			char str[UDMSTRSIZ]="";
+ 			query_words=strdup(UdmUnescapeCGIQuery(str,token+2));
++			if (strlen(query_words) > 512) {
++				printf("<html><body>Query string too long!</body></html>\n");
++				return(0);
++			}
+ 			query_url_escaped=strdup(UdmEscapeURL(str,query_words));
+ 			query_form_escaped=UdmHtmlSpecialChars(query_words);
+ 		}else
author	Andrey A. Chernov <ache@FreeBSD.org>	2002-05-15 08:52:48 +0000
committer	Andrey A. Chernov <ache@FreeBSD.org>	2002-05-15 08:52:48 +0000
commit	f2079b3a0011233f0078e1b59df65b897862fd39 (patch)
tree	28f34a7d8f1364cc18b7020463c89dadfe000e3f /www/mnogosearch31/files/patch-ac
parent	Update to patch 9.2zc. The new patches contain mostly fixes for (diff)