Open Bug 710991 Opened 9 years ago Updated 6 years ago

Possible unsafe sprintf in AdjustWebSocketHost()

Categories

(Testing :: Mochitest, defect)

defect
Not set
normal

Tracking

(Not tracked)

People

(Reporter: Dolske, Unassigned)

Details

(Whiteboard: [pvs-studio])

From http://www.viva64.com/en/a/0078/,
11th section in http://www.viva64.com/external-pictures/txt/mozilla-test.txt

V541 It is dangerous to print the string 'newhost' into itself.
ssltunnel.cpp 531

bool AdjustWebSocketHost(relayBuffer& buffer, connection_info_t *ci)
{
  ...
  sprintf(newhost, "%s:%d", newhost, PR_ntohs(inet_addr.inet.port));
  ...
}

I think a new buffer could be used.
Blocks: 710966
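
An added example, not part of the bug report or of ssltunnel.cpp, showing two ways to build "host:port" without passing the destination buffer as a source argument: formatting into a separate buffer, as the report suggests, or appending only the port after the existing string. The helper names FormatHostPort and AppendPort and the sample host are hypothetical; both helpers use snprintf and treat truncation as failure.

```cpp
#include <stdio.h>
#include <string.h>

// Added example; these helpers are hypothetical, not from ssltunnel.cpp.
// sprintf(buf, "%s:%d", buf, ...) copies between overlapping objects, which
// the C standard leaves undefined. Fix 1: format into a separate buffer
// (dst must not overlap host). Returns false and empties dst if it won't fit.
bool FormatHostPort(char* dst, size_t dstSize, const char* host, unsigned port)
{
  if (!dst || dstSize == 0 || !host)
    return false;
  int n = snprintf(dst, dstSize, "%s:%u", host, port);
  if (n < 0 || static_cast<size_t>(n) >= dstSize) {
    dst[0] = '\0';  // truncated or failed: never hand back a partial host
    return false;
  }
  return true;
}

// Fix 2: append ":port" in place. The format arguments never reference buf,
// so source and destination cannot overlap.
bool AppendPort(char* buf, size_t bufSize, unsigned port)
{
  if (!buf || bufSize == 0)
    return false;
  const void* nul = memchr(buf, '\0', bufSize);
  if (!nul)  // no terminator inside the buffer
    return false;
  size_t len = static_cast<size_t>(static_cast<const char*>(nul) - buf);
  size_t room = bufSize - len;
  int n = snprintf(buf + len, room, ":%u", port);
  if (n < 0 || static_cast<size_t>(n) >= room) {
    buf[len] = '\0';  // roll back to the original host on truncation
    return false;
  }
  return true;
}

int main()
{
  char host[32] = "example.test";  // constructed sample value
  char out[32];
  if (FormatHostPort(out, sizeof out, host, 8443))
    printf("%s\n", out);
  if (AppendPort(host, sizeof host, 8443))
    printf("%s\n", host);
  return 0;
}
```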