Sorry, I wasn't very specific; nodogsplash exits rather than crashing. It uses a safe_strdup call that exits in this case.
On 05/31/2012 08:46 AM, John Crispin wrote: > CC'ing the nodogsplash people ... could they comment on the patch ? > looks like a remote DoS exploit .... > > > > -------- Original Message -------- > Subject: [OpenWrt-Devel] [PATCH] nodogsplash crashes when rdir > parameter is missing > Date: Wed, 30 May 2012 23:41:00 +0200 > From: Moritz Warning <[email protected]> > Reply-To: OpenWrt Development List <[email protected]> > To: [email protected] > > nodogsplash-0.9_beta9.9.6 crashes if it receives an authentication URL > which has no "redir" or "tok" parameter set. > That's why wget on the splash page crashes nodogsplash. :[ > > Signed-off-by: Moritz Warning <[email protected]> > > Attached is the patch created by quilt. > An inline patch would omit the file name. > > > > > _______________________________________________ > openwrt-devel mailing list > [email protected] > https://lists.openwrt.org/mailman/listinfo/openwrt-devel _______________________________________________ openwrt-devel mailing list [email protected] https://lists.openwrt.org/mailman/listinfo/openwrt-devel
