romenskiy2012/curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-04-14 23:51:42 +03:00
Code Issues Projects Releases Packages Wiki Activity

synctime: fix off-by-one read and write to a read-only buffer (Windows)

Browse source 
Also making the `--synctime` option work.

Off-by-one found by Codex Security

Assisted-by: Jay Satiro

Closes #20987
This commit is contained in:
Viktor Szakats 2026-03-18 19:01:10 +01:00
parent e345dfb958
commit d86fd143a1
No known key found for this signature in database
1 changed files with 6 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

9
docs/examples/synctime.c
View file

@ -134,9 +134,12 @@ static size_t SyncTime_CURL_WriteHeader(void *ptr, size_t size, size_t nmemb,
char *field = ptr;
*TmpStr1 = 0;
*TmpStr2 = 0;
if(nmemb && (field[nmemb] == '\n')) {
field[nmemb] = 0; /* null-terminated */
RetVal = sscanf(field, "Date: %25s %hu %25s %hu %hu:%hu:%hu",
if(nmemb && (field[nmemb - 1] == '\n')) {
char header[100];
size_t len = nmemb < sizeof(header) ? nmemb : sizeof(header) - 1;
memcpy(header, field, len);
header[len] = 0; /* null-terminate local copy */
RetVal = sscanf(header, "Date: %25s %hu %25s %hu %hu:%hu:%hu",
TmpStr1, &SYSTime.wDay, TmpStr2, &SYSTime.wYear,
&SYSTime.wHour, &SYSTime.wMinute,
&SYSTime.wSecond);