Hello, I added extra checks to fix #660
Cheers, Ilya Shipitcin
From 814dd19d54dcaadf4de3a401206f6a7788ac68bd Mon Sep 17 00:00:00 2001 From: Ilya Shipitsin <[email protected]> Date: Sat, 27 Jun 2020 12:40:28 +0500 Subject: [PATCH] src/server.c: add extra guards when loading state file this should fix #660 --- src/server.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/src/server.c b/src/server.c index 1fd29046e..714d0c517 100644 --- a/src/server.c +++ b/src/server.c @@ -3252,6 +3252,7 @@ void apply_server_state(void) /* free up memory in case of error during the processing of the line */ free(line); } + fclose(f); } out_load_server_state_in_tree: @@ -3347,6 +3348,8 @@ void apply_server_state(void) goto next; st = container_of(node, struct state_line, name_name); + if (strlen(st->line) > SRV_STATE_LINE_MAXLEN) + goto next; memcpy(mybuf, st->line, strlen(st->line)); mybuf[strlen(st->line)] = 0; @@ -3362,7 +3365,7 @@ void apply_server_state(void) continue; /* next proxy in list */ } - else { + else if (filepath) { /* load 'local' state file */ errno = 0; f = fopen(filepath, "r"); @@ -3434,9 +3437,9 @@ void apply_server_state(void) /* now we can proceed with server's state update */ srv_update_state(srv, version, srv_params); } + fileclose: + fclose(f); } -fileclose: - fclose(f); } /* now free memory allocated for the tree */ -- 2.26.2
