Back Midas Rome Roody Rootana
  Midas DAQ System  Not logged in ELOG logo
 Back  |  Find  |  Login  |  Help 
Entry  12 Oct 2003, Konstantin Olchanski, , Array overruns in mhttpd.c::submit_elog() 
    Reply  12 Oct 2003, Konstantin Olchanski, , Array overruns in mhttpd.c::submit_elog() 
       Reply  13 Oct 2003, Stefan Ritt, , Array overruns in mhttpd.c::submit_elog() 
          Reply  13 Oct 2003, Konstantin Olchanski, , Array overruns in mhttpd.c::submit_elog() 
Message ID: 130     Entry time: 12 Oct 2003     In reply to: 129     Reply to this: 131
Author: Konstantin Olchanski 
Topic:  
Subject: Array overruns in mhttpd.c::submit_elog()  
> While adding new functionality to submit_elog() (add the message text to the
> outgoing email), I noticed that the email text is being stored into an array
> of size 256, mail_text[256], without any checks for array overrun. This
> cannot be good. How should this be corrected?
> K.O.

Similar problem exists in midas.c::el_submit(). The array "message[10000]" is
easy to overrun by submitting a long elog message.

K.O.
ELOG V3.1.4-2e1708b5