[Openvas-commits] r2456 - in trunk/openvas-libnasl: . nasl
scm-commit@wald.intevation.org
scm-commit at wald.intevation.org
Thu Feb 12 10:42:52 CET 2009
Author: mwiegand
Date: 2009-02-12 10:42:52 +0100 (Thu, 12 Feb 2009)
New Revision: 2456
Modified:
trunk/openvas-libnasl/ChangeLog
trunk/openvas-libnasl/nasl/nasl_http.c
Log:
* nasl/nasl_http.c (_http_req): Replaced usage of a number of glibc
string functions with their glib counterparts to ensure buffer
boundary checking takes place in a secure manner when constructing
HTTP requests. Removed Flawfinder/RATS statements since they were
without explanation and related to the glibc string functions that
were replaced.
Modified: trunk/openvas-libnasl/ChangeLog
===================================================================
--- trunk/openvas-libnasl/ChangeLog 2009-02-11 15:51:00 UTC (rev 2455)
+++ trunk/openvas-libnasl/ChangeLog 2009-02-12 09:42:52 UTC (rev 2456)
@@ -1,3 +1,12 @@
+2009-02-12 Michael Wiegand <michael.wiegand at intevation.de>
+
+ * nasl/nasl_http.c (_http_req): Replaced usage of a number of glibc
+ string functions with their glib counterparts to ensure buffer
+ boundary checking takes place in a secure manner when constructing
+ HTTP requests. Removed Flawfinder/RATS statements since they were
+ without explanation and related to the glibc string functions that
+ were replaced.
+
2009-02-10 Jan-Oliver Wagner <jan-oliver.wagner at intevation.de>
* configure.in: Raised requirement to 2.0.1 of openvas-libraries.
Modified: trunk/openvas-libnasl/nasl/nasl_http.c
===================================================================
--- trunk/openvas-libnasl/nasl/nasl_http.c 2009-02-11 15:51:00 UTC (rev 2455)
+++ trunk/openvas-libnasl/nasl/nasl_http.c 2009-02-12 09:42:52 UTC (rev 2456)
@@ -16,6 +16,7 @@
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#include <includes.h>
+#include <glib.h>
#include "nasl_tree.h"
#include "nasl_global_ctxt.h"
@@ -64,6 +65,7 @@
int al;
char content_l_str[32];
struct kb_item ** kb;
+ int str_length = 0;
if( item == NULL || port < 0)
@@ -80,13 +82,13 @@
}
kb = plug_get_kb(script_infos);
- snprintf(tmp, sizeof(tmp), "/tmp/http/auth/%d", port); /* RATS: ignore */
+ g_snprintf(tmp, sizeof(tmp), "/tmp/http/auth/%d", port);
auth = kb_item_get_str(kb, tmp);
if (auth == NULL)
auth = kb_item_get_str(kb, "http/auth");
- snprintf(tmp, sizeof(tmp), "http/%d", port); /* RATS: ignore */
+ g_snprintf(tmp, sizeof(tmp), "http/%d", port);
ver = kb_item_get_int(kb, tmp);
if (data == NULL)
@@ -96,7 +98,7 @@
else
{
cl = strlen(data);
- snprintf(content_l_str, sizeof(content_l_str), "Content-Length: %d\r\n", cl); /* RATS: ignore */
+ g_snprintf(content_l_str, sizeof(content_l_str), "Content-Length: %d\r\n", cl);
}
if( auth != NULL )
@@ -123,9 +125,10 @@
}
url = build_encode_URL(script_infos, keyword, NULL, item, "HTTP/1.1");
- str = emalloc(strlen(url) + strlen(hostname) + al + cl + strlen(ua) + 1024);
+ str_length = strlen(url) + strlen(hostname) + al + cl + strlen(ua) + 1024;
+ str = emalloc(str_length);
/* NIDS evasion */
- sprintf(str, "%s\r\n\
+ g_snprintf(str, str_length, "%s\r\n\
Connection: Close\r\n\
Host: %s\r\n\
Pragma: no-cache\r\n\
@@ -140,25 +143,26 @@
/* NIDS evasion */
url = build_encode_URL(script_infos, keyword, NULL, item, "HTTP/1.0\r\n");
- str = emalloc(strlen(url) + al + cl + 120);
- strcpy(str, url); /* Flawfinder: ignore */
+ str_length = strlen(url) + al + cl + 120;
+ str = emalloc(str_length);
+ g_strlcpy(str, url, str_length);
}
efree(&url);
if (auth != NULL)
{
- strcat(str, auth); /* Flawfinder: ignore */
- strcat(str, "\r\n");
+ g_strlcat(str, auth, str_length);
+ g_strlcat(str, "\r\n", str_length);
}
if (data != NULL)
- strcat(str, content_l_str); /* Flawfinder: ignore */
+ g_strlcat(str, content_l_str, str_length);
- strcat(str, "\r\n");
+ g_strlcat(str, "\r\n", str_length);
if (data != NULL)
{
- strcat(str, data); /* Flawfinder: ignore */
+ g_strlcat(str, data, str_length);
}
retc = alloc_tree_cell(0, NULL);
More information about the Openvas-commits
mailing list