Reject eui64 ACL addresses with trailing garbage (#2157)

author Joshua Rogers <MegaManSec@users.noreply.github.com>

Wed, 3 Sep 2025 13:09:10 +0000 (13:09 +0000)

committer Squid Anubis <squid-anubis@squid-cache.org>

Wed, 3 Sep 2025 14:39:06 +0000 (14:39 +0000)
author Joshua Rogers <MegaManSec@users.noreply.github.com>
Wed, 3 Sep 2025 13:09:10 +0000 (13:09 +0000)
committer Squid Anubis <squid-anubis@squid-cache.org>
Wed, 3 Sep 2025 14:39:06 +0000 (14:39 +0000)
diff --git a/src/acl/Eui64.cc b/src/acl/Eui64.cc

index 626eb3a48f07a6972d3dd07d94098bcdfce6158b..2e076268ee7bc4bfff8a25e53889a01f893bd877 100644 (file)
--- a/src/acl/Eui64.cc
+++ b/src/acl/Eui64.cc
@@ -42,7 +42,8 @@ aclParseEuiData(const char *t)
      Eui::Eui64 *q = new Eui::Eui64;
      debugs(28, 5, "aclParseEuiData: " << t);
  
-    if (sscanf(t, "%[0-9a-fA-F:]", buf) != 1) {
+    int n = 0;
+    if (sscanf(t, "%255[0-9a-fA-F:]%n", buf, &n) != 1 || t[n] != '\0') {
          debugs(28, DBG_CRITICAL, "ERROR: aclParseEuiData: Bad EUI-64 address: '" << t << "'");
          delete q;
          return nullptr;
author	Joshua Rogers <MegaManSec@users.noreply.github.com>
	Wed, 3 Sep 2025 13:09:10 +0000 (13:09 +0000)
committer	Squid Anubis <squid-anubis@squid-cache.org>
	Wed, 3 Sep 2025 14:39:06 +0000 (14:39 +0000)