From 93cf0e67ba9fbf1ff50a746effd3d809ab56fd45 Mon Sep 17 00:00:00 2001 From: WGH Date: Wed, 3 Aug 2016 01:15:06 +0300 Subject: [PATCH] fixed buffer overflow and use of uninitialized memory in handle_dns_login --- src/server.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/server.c b/src/server.c index b8100f4..80c08ae 100644 --- a/src/server.c +++ b/src/server.c @@ -1532,7 +1532,7 @@ handle_dns_login(int dns_fd, struct query *q, uint8_t *domain, int domain_len, i tcp_forward_error: DEBUG(1, "Failed to connect TCP forward for user %d: %s", userid, errormsg); out[0] = 'E'; - strncat(out + 1, errormsg, sizeof(out) - 1); + strncpy(out + 1, errormsg, sizeof(out) - 1); read = strlen(out); write_dns(dns_fd, q, out, read + 1, u->downenc); }