mirrors/coturn
1
0
Fork 0
mirror of https://github.com/coturn/coturn.git synced 2025-11-02 16:01:24 +01:00
Code Issues Projects Releases Wiki Activity

Avoid read-past-end of string in get_bold_admin_title (#1499)

Browse Source
This commit is contained in:
Michael Jones 2024-05-27 15:47:54 -05:00 committed by GitHub
parent 544382f313
commit e8fa2f666a
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/apps/relay/turn_admin_server.c
View File

@ -1533,11 +1533,12 @@ static ioa_socket_handle current_socket = NULL;
static char *get_bold_admin_title(void) {
static char sbat[1025];
strncpy(sbat, __bold_admin_title, sizeof(sbat));
strncpy(sbat, __bold_admin_title, sizeof(sbat) - 1);
sbat[sizeof(sbat) - 1] = '\0';
if (current_socket && current_socket->special_session) {
struct admin_session *as = (struct admin_session *)current_socket->special_session;
if (as->as_ok) {
if (as && as->as_ok) {
if (as->as_login[0]) {
char *dst = sbat + strlen(sbat);
snprintf(dst, ADMIN_USER_MAX_LENGTH * 2 + 2, " admin user: <b><i>%s</i></b><br>\r\n", as->as_login);