[nmap-svn] r39252 - nmap

commit-mailer Tue, 15 Jul 2025 11:24:09 -0700

Author: dmiller
Date: Tue Jul 15 11:23:47 2025
New Revision: 39252

Log:
Check length of format option before accessing


Modified:
   nmap/nse_zlib.cc

Modified: nmap/nse_zlib.cc
==============================================================================
--- nmap/nse_zlib.cc    (original)
+++ nmap/nse_zlib.cc    Tue Jul 15 11:23:47 2025
@@ -564,7 +564,10 @@
                 success = (l == 0) ? lz_test_eof(L, s) : lz_read_chars(L, s, 
l);
             }
             else {
-                const char *p = lua_tostring(L, n);
+                size_t l;
+                const char *p = lua_tolstring(L, n, &l);
+                if (l < 2)
+                    return luaL_argerror(L, n, "invalid format");
                 luaL_argcheck(L, p && p[0] == '*', n, "invalid option");
                 switch (p[1]) {
                     case 'l':  /* line */

_______________________________________________
Sent through the svn mailing list
https://nmap.org/mailman/listinfo/svn

[nmap-svn] r39252 - nmap

Reply via email to