Menu

Commit [d97e03]  Maximize  Restore  History

CGIs: Fixed minor vulnerability where a custom query could crash the CGI.

Most CGIs previously incremented the input variable counter twice when
it encountered a long key value. This could cause the CGI to read past
the end of the list of CGI variables. This commit removes the second
increment, removing the possibility of reading past the end of the list
of CGI variables.

Eric Stanley Eric Stanley 2013-12-20

changed cgi/avail.c
changed cgi/cmd.c
changed cgi/config.c
changed cgi/extinfo.c
changed cgi/histogram.c
changed cgi/notifications.c
changed cgi/outages.c
changed cgi/status.c
changed cgi/statusmap.c
changed cgi/statuswml.c
changed cgi/summary.c
changed cgi/trends.c
changed contrib/daemonchk.c
cgi/avail.c Diff Switch to side-by-side view
Loading...
cgi/cmd.c Diff Switch to side-by-side view
Loading...
cgi/config.c Diff Switch to side-by-side view
Loading...
cgi/extinfo.c Diff Switch to side-by-side view
Loading...
cgi/histogram.c Diff Switch to side-by-side view
Loading...
cgi/notifications.c Diff Switch to side-by-side view
Loading...
cgi/outages.c Diff Switch to side-by-side view
Loading...
cgi/status.c Diff Switch to side-by-side view
Loading...
cgi/statusmap.c Diff Switch to side-by-side view
Loading...
cgi/statuswml.c Diff Switch to side-by-side view
Loading...
cgi/summary.c Diff Switch to side-by-side view
Loading...
cgi/trends.c Diff Switch to side-by-side view
Loading...
contrib/daemonchk.c Diff Switch to side-by-side view
Loading...