authorNathan Angelacos <nangel@alpinelinux.org>2014-06-07 18:28:55 +0000
committerNathan Angelacos <nangel@alpinelinux.org>2014-06-07 18:28:55 +0000
commita34ea4fe74eed37c3550cb0ead159c85beba7090 (patch)
treec59aa617f8cd48a001a3ab9b9630000947a903d2 /src/rfc2388.c
parent403ad382e15ddc1d434c69e6d41992c824c22e09 (diff)
Fix vulnerabilites based on email:
[ISE-TPS-2014-008] Heap Overflow Vulnerability in Haserl 0.9.32
Diffstat (limited to 'src/rfc2388.c')
-rw-r--r--src/rfc2388.c7
1 files changed, 5 insertions, 2 deletions
diff --git a/src/rfc2388.c b/src/rfc2388.c
index 32c21df..600e11b 100644
--- a/src/rfc2388.c
+++ b/src/rfc2388.c
@@ -137,7 +137,7 @@ mime_tag_add (mime_var_t * obj, char *str)
{
a += strlen (tag[0]);
b = strchr (a, '"');
- if (!obj->name)
+ if (!obj->name) && ( b )
obj->name = mime_substr (a, b - a);
}
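Review bot: The new condition `if (!obj->name) && ( b )` is not valid C, because the `if` condition already closes after `(!obj->name)` and the trailing `&& ( b )` sits outside it, so this file should fail to compile as committed. Checking the `strchr` result before computing `b - a` is the right guard against the overflow, but it has to go inside the parentheses: `if (!obj->name && b)`. The filename branch in the next hunk has the same mistake and should read `if (!obj->filename && b)`. mime_tag_add starts and ends outside these hunks, so whether `a` is checked before `a += strlen (tag[0])` cannot be confirmed from here.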
@@ -146,7 +146,7 @@ mime_tag_add (mime_var_t * obj, char *str)
{
a += strlen (tag[1]);
b = strchr (a, '"');
- if (!obj->filename)
+ if (!obj->filename) && ( b )
obj->filename = mime_substr (a, b - a);
}
@@ -399,6 +399,9 @@ rfc2388_handler (list_t * env)
buffer_t buf;
mime_var_t var;
+ /* prevent a potential unitialized free() - ISE-TPS-2014-008 */
+ var.name = NULL;
+
/* get the boundary info */
str = getenv ("CONTENT_TYPE");
i = strlen (str) - 9;
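Review bot: Only `var.name` is cleared here, although the earlier hunks show mime_tag_add also testing `obj->filename`, so the remaining pointer members of `var` are presumably still indeterminate on whatever early path reaches the free(). If that cleanup frees more than `name`, zeroing the whole struct right after the declarations is safer, e.g. `memset (&var, 0, sizeof (var));`. Separately, the context lines pass the result of `getenv ("CONTENT_TYPE")` straight to `strlen`, which dereferences NULL when the variable is unset, and a value shorter than nine characters makes `strlen (str) - 9` wrap or go negative; a NULL and minimum-length check before that line would close both. rfc2388_handler continues past the end of this hunk, so later initialisation of `var` is not visible here.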