Thanks to Mick Ayzenberg <mick@dejavusecurity.com> for finding this!
@@ -1002,6 +1002,13 @@ bool extract_sockaddr(struct pool *pool, char *url)
if (url_len < 1)
return false;
+
+ if (url_len >= sizeof(url_address))
+ {
+ applog(LOG_WARNING, "%s: Truncating overflowed address '%.*s'",
+ __func__, url_len, url_begin);
+ url_len = sizeof(url_address) - 1;
+ }
sprintf(url_address, "%.*s", url_len, url_begin);
Luke Dashjr