| Summary | URL decode buffer overflow |
|---|---|
| Date | 2004-08-26 |
| CVE Number | CVE-2004-0785 |
| Discovered By | Sean (infamous42md) |
| Fixed In Release | 0.82 |
Buffer overflow. The URL is decoded into a static buffer of length 2048 bytes. I’m not sure it’s possible to receive a URL longer than 2048 bytes, as many protocols have message limits that are shorter than that.
A check to make sure the source string is shorter than 2048 bytes is performed.