From: Fabian Keil Date: Thu, 11 Sep 2025 11:54:17 +0000 (+0200) Subject: socks4_connect(): Fix the dstsize passed to strlcpy() in case of socks4a X-Git-Url: http://www.privoxy.org/gitweb/%22https:/developer-manual/faq/user-manual/user-manual/@user-manual@?a=commitdiff_plain;h=b73d65ea904f50a5f00ccb3dff5fa66e515ca991;p=privoxy.git socks4_connect(): Fix the dstsize passed to strlcpy() in case of socks4a Previously we would substract sizeof(struct socks_op) twice as it's already part of csiz. While this was wrong it didn't cause any actual problems as the buffer size is so large that it didn't matter. Reported by: Joshua Rogers --- diff --git a/gateway.c b/gateway.c index 7b0412dd..fc712915 100644 --- a/gateway.c +++ b/gateway.c @@ -875,7 +875,7 @@ static jb_socket socks4_connect(const struct forward_spec *fwd, } else { - strlcpy(buf + csiz, target_host, sizeof(buf) - sizeof(struct socks_op) - csiz); + strlcpy(buf + csiz, target_host, sizeof(buf) - csiz); /* * What we forward to the socks4a server should have the * size of socks_op, plus the length of the userid plus