Skip to content

Commit

Permalink
Fix buffer-overrun bug in net (nim-lang#17728) [backport:1.0]
Browse files Browse the repository at this point in the history
  • Loading branch information
shirleyquirk authored and PMunch committed Mar 28, 2022
1 parent c44d564 commit cac2f6f
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 4 deletions.
2 changes: 2 additions & 0 deletions changelog.md
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,8 @@
## Standard library additions and changes
- Added support for parenthesized expressions in `strformat`

- Fixed buffer overflow bugs in `net`

- Added `sections` iterator in `parsecfg`.

- Make custom op in macros.quote work for all statements.
Expand Down
7 changes: 3 additions & 4 deletions lib/pure/net.nim
Original file line number Diff line number Diff line change
Expand Up @@ -690,12 +690,11 @@ when defineSsl:
let ctx = SslContext(context: ssl.SSL_get_SSL_CTX)
let hintString = if hint == nil: "" else: $hint
let (identityString, pskString) = (ctx.clientGetPskFunc)(hintString)
if psk.len.cuint > max_psk_len:
if pskString.len.cuint > max_psk_len:
return 0
if identityString.len.cuint >= max_identity_len:
return 0

copyMem(identity, identityString.cstring, pskString.len + 1) # with the last zero byte
copyMem(identity, identityString.cstring, identityString.len + 1) # with the last zero byte
copyMem(psk, pskString.cstring, pskString.len)

return pskString.len.cuint
Expand All @@ -716,7 +715,7 @@ when defineSsl:
max_psk_len: cint): cuint {.cdecl.} =
let ctx = SslContext(context: ssl.SSL_get_SSL_CTX)
let pskString = (ctx.serverGetPskFunc)($identity)
if psk.len.cint > max_psk_len:
if pskString.len.cint > max_psk_len:
return 0
copyMem(psk, pskString.cstring, pskString.len)

Expand Down

0 comments on commit cac2f6f

Please sign in to comment.