Commit dbf72805 authored by Committed by Matthieu Herrb
Fixed out of boundary write (CVE-2018-14600).
The length value is interpreted as signed char on many systems (depending on default signedness of char), which can lead to an out of boundary write up to 128 bytes in front of the allocated storage, but limited to NUL byte(s). Casting the length value to unsigned char fixes the problem and allows string values with up to 255 characters. Signed-off-by: Tobias Stoeckmann <firstname.lastname@example.org>
Showing with 4 additions and 4 deletions