From 5bac8e33401410033c16030858febc82e05151a3 Mon Sep 17 00:00:00 2001
From: wessels <>
Date: Mon, 30 Apr 2007 22:38:19 +0000
Subject: [PATCH] Fixed buffer overflow bug in whois.cc.

Terminating null was written one byte past end of the buffer,
clobbering the dataWritten variable.  Caused an assertion for whois
replies longer than BUFSIZ (1024) bytes.
---
 src/whois.cc | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/whois.cc b/src/whois.cc
index ba0d35f364..0f923091b8 100644
--- a/src/whois.cc
+++ b/src/whois.cc
@@ -1,6 +1,6 @@
 
 /*
- * $Id: whois.cc,v 1.41 2007/04/28 22:26:38 hno Exp $
+ * $Id: whois.cc,v 1.42 2007/04/30 16:38:19 wessels Exp $
  *
  * DEBUG: section 75    WHOIS protocol
  * AUTHOR: Duane Wessels, Kostas Anagnostakis
@@ -54,7 +54,7 @@ public:
     StoreEntry *entry;
     HttpRequest *request;
     FwdState::Pointer fwd;
-    char buf[BUFSIZ];
+    char buf[BUFSIZ+1];		/* readReply adds terminating NULL */
     bool dataWritten;
 };
 
@@ -89,7 +89,7 @@ whoisStart(FwdState * fwd)
     p->request = fwd->request;
     p->entry = fwd->entry;
     p->fwd = fwd;
-    p->dataWritten = 0;
+    p->dataWritten = false;
 
     p->entry->lock()
 
@@ -158,7 +158,7 @@ WhoisState::readReply (int fd, char *buf, size_t len, comm_err_t flag, int xerrn
         kb_incr(&statCounter.server.http.kbytes_in, len);
 
         /* No range support, we always grab it all */
-        dataWritten = 1;
+        dataWritten = true;
 
         entry->append(buf, len);
 
-- 
2.47.2