From 7a9e5ba68f5359fe2971eafe266c265ee2499351 Mon Sep 17 00:00:00 2001 From: shirleyquirk <31934565+shirleyquirk@users.noreply.github.com> Date: Fri, 16 Apr 2021 13:22:51 +0100 Subject: [PATCH] Fix buffer-overrun bug in net (#17728) [backport:1.0] (cherry picked from commit fdd4391534578d6a5a655eef99ef96e53ff2b4f1) --- changelog.md | 7 +++++++ lib/pure/net.nim | 7 +++---- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/changelog.md b/changelog.md index 3b9dbe04e5..ae46b8cd21 100644 --- a/changelog.md +++ b/changelog.md @@ -3,6 +3,13 @@ ## Standard library additions and changes +- Added support for parenthesized expressions in `strformat` + +- Fixed buffer overflow bugs in `net` + +- Added `sections` iterator in `parsecfg`. + +- Make custom op in macros.quote work for all statements. For `net` and `nativesockets`, an `inheritable` flag has been added to all `proc`s that create sockets, allowing the user to control whether the diff --git a/lib/pure/net.nim b/lib/pure/net.nim index abcb05d704..72864084e6 100644 --- a/lib/pure/net.nim +++ b/lib/pure/net.nim @@ -650,12 +650,11 @@ when defineSsl: let ctx = SslContext(context: ssl.SSL_get_SSL_CTX) let hintString = if hint == nil: "" else: $hint let (identityString, pskString) = (ctx.clientGetPskFunc)(hintString) - if psk.len.cuint > max_psk_len: + if pskString.len.cuint > max_psk_len: return 0 if identityString.len.cuint >= max_identity_len: return 0 - - copyMem(identity, identityString.cstring, pskString.len + 1) # with the last zero byte + copyMem(identity, identityString.cstring, identityString.len + 1) # with the last zero byte copyMem(psk, pskString.cstring, pskString.len) return pskString.len.cuint @@ -676,7 +675,7 @@ when defineSsl: max_psk_len: cint): cuint {.cdecl.} = let ctx = SslContext(context: ssl.SSL_get_SSL_CTX) let pskString = (ctx.serverGetPskFunc)($identity) - if psk.len.cint > max_psk_len: + if pskString.len.cint > max_psk_len: return 0 copyMem(psk, pskString.cstring, pskString.len)