diff options
| author | Tim Rühsen <tim.ruehsen@gmx.de> | 2019-03-25 16:05:47 +0100 |
|---|---|---|
| committer | Tim Rühsen <tim.ruehsen@gmx.de> | 2019-03-25 16:05:56 +0100 |
| commit | 5d87635c66aaa01bdf95f6b093b66c3d2768b696 (patch) | |
| tree | f3d965a6ce8584513ce8d039c90fd0049c712395 /fuzz | |
| parent | 4046cd2a710bca7ec81c879f80bea65b2432d4cd (diff) | |
| download | wget-5d87635c66aaa01bdf95f6b093b66c3d2768b696.tar.gz | |
Fix corner case in processing server response
* src/http.c (response_head_terminator): Don't access uninitialized data
* fuzz/wget_read_hunk_fuzzer.c: Sync response_head_terminator()
Diffstat (limited to 'fuzz')
| -rw-r--r-- | fuzz/wget_read_hunk_fuzzer.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/fuzz/wget_read_hunk_fuzzer.c b/fuzz/wget_read_hunk_fuzzer.c index 3a17fc51..800cebd2 100644 --- a/fuzz/wget_read_hunk_fuzzer.c +++ b/fuzz/wget_read_hunk_fuzzer.c @@ -170,7 +170,7 @@ response_head_terminator (const char *start, const char *peeked, int peeklen) return p + 2; } /* p==end-2: check for \n\n directly preceding END. */ - if (p[0] == '\n' && p[1] == '\n') + if (peeklen >= 2 && p[0] == '\n' && p[1] == '\n') return p + 2; return NULL; |