unsafe sprintfs mod_geoip
When using city databases, mod_geoip does some very broken sprintfs to buffers on the stack. For instance:
    char latitude;
    sprintf(&latitude, "%f", gir->latitude);
This works because latitude and &latitude point to the same address, since it's allocated on the stack. However, it throws a compiler warning, since it's passing a char** to a function that's expecting a char*.
Also, the use of unchecked sprintf for stack allocated buffers is spooky. If libgeoip ever returns something of a different size, there's a good chance for stack corruption or other bizarre problems.
Patch changes this to length-checked snprintf's using the buffer instead of the buffer's address.
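The length-checked pattern described above, as an added example; it is not the posted patch and not lighttpd's or mod_geoip's own code. The names `format_coord`, `coord_needed` and `COORD_BUF`, the 32-byte buffer size and the sample values are assumptions made for illustration.

```c
#include <float.h>
#include <stdio.h>
#include <string.h>

#define COORD_BUF 32  /* assumed size; the report does not state the real one */

/* Bytes (including the NUL) that "%f" needs for v. snprintf with a
 * zero-size buffer only measures. Returns 0 on an encoding error. */
size_t coord_needed(double v)
{
    int n = snprintf(NULL, 0, "%f", v);
    return n < 0 ? 0 : (size_t)n + 1;
}

/* Length-checked replacement for sprintf(&buf, "%f", v).
 * Returns 0 on success, -1 if the value did not fit; buf is then
 * emptied so a truncated coordinate is never passed on. */
int format_coord(char *buf, size_t buflen, double v)
{
    int n;
    if (buf == NULL || buflen == 0)
        return -1;
    n = snprintf(buf, buflen, "%f", v);
    if (n < 0 || (size_t)n >= buflen) {
        buf[0] = '\0';
        return -1;
    }
    return 0;
}

int main(void)
{
    char latitude[COORD_BUF];
    /* constructed inputs: two ordinary coordinates and the largest float */
    float samples[] = { 37.75f, -122.5f, FLT_MAX };
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        /* pass the buffer itself, not its address */
        int rc = format_coord(latitude, sizeof latitude, samples[i]);
        printf("needs %zu bytes, rc=%d, out=\"%s\"\n",
               coord_needed(samples[i]), rc, latitude);
    }
    return 0;
}
```

With "%f", an unexpectedly large float needs more bytes than the assumed buffer holds, which is the case an unchecked sprintf would write past the end of the stack buffer.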
(add to default build to reduce distributor package maintenance)
"broken module API since 1.4.38"
"lighttpd-1.4.24 fails to compile with mod_geoip.c"
"unsafe sprintfs mod_geoip"
"mod_geoip crashes lighttpd 1.5.x on FreeBSD 7.2 AMD64"
"lighttpd 1.4 crashes on FreeBSD 7.0 AMD64 when mod_geoip compiled in"
#3 Updated by gstrauss over 1 year ago
I uploaded a patch to https://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_ModGeoip which applies to mod_geoip_for_1.4.c (rename to mod_geoip.c) in order to compile mod_geoip.c cleanly under lighttpd 1.4.39. (I have not tested beyond compiling it.)
The patch also replaces sprintf() with snprintf() and fixes the compiler warnings.
#4 Updated by gstrauss over 1 year ago
Please close ticket. Patch posted to wiki https://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_ModGeoip