-rw-r--r--changelog.md2
-rw-r--r--lib/pure/net.nim7
2 files changed, 5 insertions, 4 deletions
diff --git a/changelog.md b/changelog.md
index 6dcfab9c6..cfdcd3c62 100644
--- a/changelog.md
+++ b/changelog.md
@@ -40,6 +40,8 @@
 ## Standard library additions and changes
 - Added support for parenthesized expressions in `strformat`
 
+- Fixed buffer overflow bugs in `net`
+
 - Added `sections` iterator in `parsecfg`.
 
 - Make custom op in macros.quote work for all statements.
diff --git a/lib/pure/net.nim b/lib/pure/net.nim
index 9be9c6acb..343cdc9b1 100644
--- a/lib/pure/net.nim
+++ b/lib/pure/net.nim
@@ -690,12 +690,11 @@ when defineSsl:
     let ctx = SslContext(context: ssl.SSL_get_SSL_CTX)
     let hintString = if hint == nil: "" else: $hint
     let (identityString, pskString) = (ctx.clientGetPskFunc)(hintString)
-    if psk.len.cuint > max_psk_len:
+    if pskString.len.cuint > max_psk_len:
       return 0
     if identityString.len.cuint >= max_identity_len:
       return 0
-
-    copyMem(identity, identityString.cstring, pskString.len + 1) # with the last zero byte
+    copyMem(identity, identityString.cstring, identityString.len + 1) # with the last zero byte
     copyMem(psk, pskString.cstring, pskString.len)
 
     return pskString.len.cuint
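Review bot: The two length checks ahead of the `copyMem` calls use different comparisons, `>` for `pskString` against `max_psk_len` and `>=` for `identityString` against `max_identity_len`, and nothing in the hunk records why. The asymmetry matches the copies (the identity is written with `identityString.len + 1` bytes including the terminator, the key with exactly `pskString.len`), so I would pin it with a comment above the checks such as `# identity is copied with its trailing NUL (len + 1 bytes); psk is copied as raw bytes (len bytes)`. The diffstat lists only changelog.md and lib/pure/net.nim, so the fix ships without a regression test that feeds an over-long identity or key from the callback and expects a return of 0; the server callback in the next hunk needs the same test for its `pskString.len.cint > max_psk_len` check. The callback's signature starts outside this hunk, so the parameter types are assumed from the comparisons shown.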
@@ -716,7 +715,7 @@ when defineSsl:
       max_psk_len: cint): cuint {.cdecl.} =
     let ctx = SslContext(context: ssl.SSL_get_SSL_CTX)
     let pskString = (ctx.serverGetPskFunc)($identity)
-    if psk.len.cint > max_psk_len:
+    if pskString.len.cint > max_psk_len:
       return 0
     copyMem(psk, pskString.cstring, pskString.len)