cshampoo security advisories

cshampoo is based on a library called csoap. While working with the original csoap code, we've found a number of security vulnerabilities. This section of our web site is dedicated to documenting those issues and any new issues that arrise. CSECA (Cshampoo SECurity Advisory) reports will be posted as issues are fixed.

Problems found in cshampoo Releases

There are no known security issues with any cshampoo releases.

Problems found in csoap Releases

The following problems were identified, documented and fixed before the first release of cshampoo. The issues were found during an audit of the csoap-1.1.0 code base.

CSECA-07001yoctohttpBuffer overflow in hurl_parse()Revision 28
CSECA-07002yoctohttpBuffer overflow in hurl_parse()Revision 28
CSECA-07003yoctohttpBuffer overflow in _httpc_set_basic_authorization_header()Revision 33
CSECA-07004yoctohttpBuffer overflow in httpd_session_main()Revision 35
CSECA-07005yoctohttpBuffer overflow in httpd_session_main()Revision 35
CSECA-07006yoctohttpBuffer overflow in httpc_send_header()Revision 40
CSECA-07007yoctohttpBuffer overflow in httpc_talk_to_server()Revision 40
CSECA-07008yoctohttpBuffer overflow in httpc_talk_to_server()Revision 40
CSECA-07009yoctohttpBuffer overflow in httpc_header_set_date()Revision 40
CSECA-07010yoctohttpBuffer overflow in httpc_mime_begin()Revision 49
CSECA-07011yoctohttpBuffer overflow in httpc_mime_begin()Revision 49
CSECA-07012yoctohttpBuffer overflow in httpc_mime_begin()Revision 49
CSECA-07013yoctohttpBuffer overflow in httpc_mime_begin()Revision 49
CSECA-07014yoctohttpBuffer overflow in httpc_mime_next()Revision 49
CSECA-07015yoctohttpBuffer overflow in httpc_mime_next()Revision 49
CSECA-07016yoctohttpBuffer overflow in httpc_mime_end()Revision 49
CSECA-07017yoctohttpBuffer overflow in http_input_stream_new_from_file()Revision 60
CSECA-07018yoctohttpBuffer overflow in httpd_send_header()Revision 62
CSECA-07019yoctohttpBuffer overflow in httpd_send_header()Revision 62
CSECA-07020yoctohttpBuffer overflow in herror_new()Revision 62
CSECA-07021yoctohttpBuffer overflow in herror_new()Revision 63
CSECA-07022yoctohttpBuffer overflow in part_new()Revision 65
CSECA-07023yoctohttpBuffer overflow in part_new()Revision 65
CSECA-07024yoctohttpBuffer overflow in part_new()Revision 65
CSECA-07025yoctohttpBuffer overflow in part_new()Revision 65
CSECA-07026yoctohttpBuffer overflow in httpd_mime_send_header()Revision 65
CSECA-07027yoctohttpBuffer overflow in httpd_register_secure()Revision 68
CSECA-07028cshampooBuffer overflow in soap_ctx_get_file()Revision 80
CSECA-07029cshampooBuffer overflow in soap_env_new_with_method()Revision 80

Note: this list might be incomplete. Various clean-ups were done which may have ended up fixing unknown security issues. For example, the old csoap code didn't always check if malloc() failed, nor did it set pointers to NULL after free()'ing memory, nor did it always check a if a struct pointer was NULL before dereference it when attempting access its members, nor did it always zero out structs and arrays before using them, etc, etc. Those issues have mostly been corrected. Additionally, we have completely removed some functions that we didn't think were very useful. Those functions weren't checked for security bugs.