9e81d14dae
It fixes a security vulnerabilty. http://www.apsis.ch/pound/pound_list/archive/2003/2003-12/1070234315000 PR: 65132 Submitted by: ryan <ports@c0decafe.net> Reviewed by: me Update approved by: anders (maintainer)
30 lines
2.1 KiB
C
30 lines
2.1 KiB
C
--- pound.c Wed Mar 24 16:03:14 2004
|
|
+++ pound.c Tue Mar 30 19:13:51 2004
|
|
@@ -742,10 +742,11 @@
|
|
logmsg(LOG_WARNING, "HTTP arg: malloc");
|
|
close(clnt);
|
|
} else {
|
|
+ socklen_t namelen;
|
|
arg->sock = clnt;
|
|
arg->from_host = clnt_addr.sin_addr;
|
|
- memset(&arg->to_host, 0, n = sizeof(arg->to_host));
|
|
- getsockname(http_sock[i], (struct sockaddr *)&arg->to_host, &n);
|
|
+ memset(&arg->to_host, 0, namelen = sizeof(arg->to_host));
|
|
+ getsockname(http_sock[i], (struct sockaddr *)&arg->to_host, &namelen);
|
|
arg->ctx = NULL;
|
|
if(pthread_create(&thr, &attr, thr_http, (void *)arg)) {
|
|
logmsg(LOG_WARNING, "HTTP pthread_create: %s", strerror(errno));
|
|
@@ -776,10 +777,11 @@
|
|
logmsg(LOG_WARNING, "HTTPS arg: malloc");
|
|
close(clnt);
|
|
} else {
|
|
+ socklen_t namelen;
|
|
arg->sock = clnt;
|
|
arg->from_host = clnt_addr.sin_addr;
|
|
- memset(&arg->to_host, 0, n = sizeof(arg->to_host));
|
|
- getsockname(https_sock[i], (struct sockaddr *)&arg->to_host, &n);
|
|
+ memset(&arg->to_host, 0, namelen = sizeof(arg->to_host));
|
|
+ getsockname(https_sock[i], (struct sockaddr *)&arg->to_host, &namelen);
|
|
arg->ctx = ctx[i];
|
|
if(pthread_create(&thr, &attr, thr_http, (void *)arg)) {
|
|
logmsg(LOG_WARNING, "HTTPS pthread_create: %s", strerror(errno));
|