date: 2003/01/07 20:46:12; author: wessels; state: Exp; lines: +2 -1

alan mccaig <alanmccaig@yahoo.co.uk> discovered a buffer overrun in
'squidclient'.  The simple fix is to use strncpy() instead of strcpy()
and make sure the URL buffer is always terminated.

diff --git a/src/client.cc b/src/client.cc
index e16a9bcda646d18e211ca7c5c29fa049e0f79b2a..56931f202557c5e384ab038ef81f1faa844ec348 100644 (file)
--- a/src/client.cc
+++ b/src/client.cc
@@ -1,6 +1,6 @@
 
 /*
- * $Id: client.cc,v 1.101 2002/10/13 20:34:59 robertc Exp $
+ * $Id: client.cc,v 1.102 2003/01/09 11:40:40 hno Exp $
  *
  * DEBUG: section 0     WWW Client
  * AUTHOR: Harvest Derived
@@ -124,7 +124,8 @@ main(int argc, char *argv[])
     if (argc < 2) {
        usage(argv[0]);         /* need URL */
     } else if (argc >= 2) {
-       strcpy(url, argv[argc - 1]);
+       strncpy(url, argv[argc - 1], BUFSIZ);
+       url[BUFSIZ - 1] = '\0';
        if (url[0] == '-')
            usage(argv[0]);
        while ((c = getopt(argc, argv, "ah:l:P:i:km:p:rsvt:g:p:I:H:T:u:U:w:W:?")) != -1)