vieter-v
/
v
2
0
Fork 0
Code Issues Pull Requests Releases Activity

thirdparty/vschannel: fix format string vulnerability (#10944)

pull/10950/head
Miccah 2021-07-24 15:37:34 -05:00 committed by GitHub
parent 1943da54a5
commit 76904719d0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
thirdparty/vschannel/vschannel.c vendored
View File

@ -757,7 +757,7 @@ static SECURITY_STATUS https_make_request(TlsContext *tls_ctx, CHAR *req, CHAR *
// Build HTTP request. Note that I'm assuming that this is less than
// the maximum message size. If it weren't, it would have to be broken up.
sprintf(pbMessage, req);
sprintf(pbMessage, "%s", req);
cbMessage = (DWORD)strlen(pbMessage);