Browse Source

CVE-2019-12937

K. Lange 1 year ago
parent
commit
7fdaca463f
1 changed files with 2 additions and 0 deletions
  1. 2 0
      lib/pex.c

+ 2 - 0
lib/pex.c

@@ -48,6 +48,7 @@ size_t pex_recv(FILE * sock, char * blob) {
 
 FILE * pex_connect(char * target) {
 	char tmp[100];
+	if (strlen(target) > 80) return NULL;
 	sprintf(tmp, "/dev/pex/%s", target);
 	FILE * out = fopen(tmp, "r+");
 	if (out) {
@@ -58,6 +59,7 @@ FILE * pex_connect(char * target) {
 
 FILE * pex_bind(char * target) {
 	char tmp[100];
+	if (strlen(target) > 80) return NULL;
 	sprintf(tmp, "/dev/pex/%s", target);
 	FILE * out = fopen(tmp, "a+");
 	if (out) {