miniweb icon indicating copy to clipboard operation
miniweb copied to clipboard
verified publisher icon avih

Vulnerability - heap overflow

Open dybrkr opened this issue 3 years ago • 1 comments

I found it about 4 years ago, and forgot to let know. still seems like, has vulnerbitity.

  • buffersize (atoi)

https://github.com/avih/miniweb/blob/master/http.c#L2348

  • allocation

phsSocket->bufferSize = phsSocket->request.payloadSize + 1; phsSocket->request.pucPayload = malloc(phsSocket->bufferSize); // bufferSize

  • memcpy(overflow)

https://github.com/avih/miniweb/blob/master/http.c#L1271 // causes overflow

poc

dybrkr avatar Nov 05 '22 08:11 dybrkr

Thanks.

I'll keep this issue open for posterity, but as the message at the readme and the project page says:

This project is not maintained, and should not be considered secure.

avih avatar Nov 05 '22 16:11 avih