cshampoo - CSECA-07004 - Buffer overflow in httpd_session

Last Published: 2007-11-08

Vermont Department of Taxes

CSECA-07004 - Buffer overflow in httpd_session_main()

If a service isn't registered properly (i.e. service->func == NULL), req->path will be copied into a fixed size buffer. If req->path is greater than 255 bytes in length, then the buffer will overflow.

Example Code

No example code for this one.

Copyright © 2007 Vermont Department of Taxes
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License".

Overview

User Documentation

Developer Documentation

Maintainer Documentation

Project Resources

External Resources

Other VT Tax Projects

CSECA-07004 - Buffer overflow in httpd_session_main()

Example Code