authorAndrew Moss <1043609+amoss@users.noreply.github.com>2019-09-13 14:38:46 +0200
committerthiagoftsm <thiagoftsm@gmail.com>2019-09-13 12:38:46 +0000
commitf729ee922d9ea3557ff21b1682af1dd696c39937 (patch)
treec6ee3db0885f669a8c1ec0fce696277d15f63e6f /web
parenta8e56a94eb6bcf566bf1748ffe21cb00d3a10182 (diff)
Buffer overflow (#6817)
* Buffer overflow The host field in the web_client stores the value of the Host HTTP header, but the header value can be an arbitrary size and there are no length checks. I could not see an easy way to exploit it, but this change checks that it will not overflow the buffer. * Fix warnings on @thiagoftsm build system.
Diffstat (limited to 'web')
-rw-r--r--web/server/web_client.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/web/server/web_client.c b/web/server/web_client.c
index 908e3a6a96..db078b966b 100644
--- a/web/server/web_client.c
+++ b/web/server/web_client.c
@@ -791,7 +791,7 @@ static inline char *http_header_parse(struct web_client *w, char *s, int parse_u
w->auth_bearer_token = strdupz(v);
}
else if(hash == hash_host && !strcasecmp(s, "Host")){
- strncpyz(w->host, v, (ve - v));
+ strncpyz(w->host, v, ((size_t)(ve - v) < sizeof(w->host)-1 ? (size_t)(ve - v) : sizeof(w->host)-1));
}
#ifdef NETDATA_WITH_ZLIB
else if(hash == hash_accept_encoding && !strcasecmp(s, "Accept-Encoding")) {
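Review bot: The clamp on the `Host` branch silently truncates an over-long header value, so `w->host` can hold only a prefix of what the client sent. If later code uses that field for anything host-sensitive (not visible in this hunk), rejecting or logging the over-long value would be safer than storing a truncated one. The `-1` is only right if `strncpyz` copies up to `n` bytes and then writes the terminator, and `sizeof(w->host)` only gives the capacity while `host` is an array member rather than a pointer, so a short comment would help: `/* strncpyz copies n bytes then adds the NUL; host is a fixed array, so clamp to sizeof - 1 */`. The dense ternary would also read better with a local, e.g. `size_t len = (size_t)(ve - v); if(len > sizeof(w->host) - 1) len = sizeof(w->host) - 1;`. `http_header_parse` starts and ends outside the hunk, so whether `ve >= v` always holds, and whether other header branches copy into fixed buffers the same way, cannot be checked from here.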