[sslh] libevent port?
Yves Rutschle
yves at naryves.com
Tue Sep 17 06:26:49 CEST 2013
Hi Ondra,
On Tue, Sep 17, 2013 at 12:05:43AM +0200, ondra+sslh at mistotebe.net wrote:
> I've fixed the probes not to try reading the unitialized data.
I need to go through that slowly, but I think I'm going to
disagree with most of this.
Typically:
> static int is_tinc_protocol( const char *p, int len, struct proto *proto)
> {
> + if (len < 2)
> + return 0;
> +
> return !strncmp(p, "0 ", 2);
> }
The test adds two lines of code which are completly
redundant with the strncmp. If *p contains a NULL at the
second character (or even first character), so what? strncmp
will just fail there and then.
In fact, this doesn't even cover a 10-byte packet that
contains a NULL at the beginning as len is the length of the
packet, not the string.
Y.
More information about the sslh
mailing list