m1ngsama/TNT - Forgejo: Beyond coding. We Forge.

m1ngsama/TNT

Fork 0

mirror of https://github.com/m1ngsama/TNT.git synced 2026-02-08 08:54:05 +00:00

Commit graph

Author	SHA1	Message	Date
m1ngsama	36464007e8	fix(security): implement buffer security enhancements - Replace all strcpy() calls with strncpy() to prevent buffer overflows - Add buffer overflow checking in client_printf() vsnprintf result - Implement UTF-8 sequence validation to prevent malformed input - Add utf8_is_valid_sequence() function with complete validation - Enhance read_username() with UTF-8 boundary checks - Add UTF-8 validation for message input handling These changes address: - Buffer overflow vulnerabilities (lines 178, 423, 510) - Insufficient vsnprintf() error checking (line 106) - Missing UTF-8 sequence validation (lines 156-171) Fixes prevent: - Buffer overflow attacks - Overlong UTF-8 encoding exploits - Invalid UTF-8 surrogates injection	2026-01-22 13:54:15 +08:00
m1ngsama	63274b92ba	Initial commit	2025-07-01 09:00:00 +08:00

Author

SHA1

Message

Date

m1ngsama

36464007e8

fix(security): implement buffer security enhancements

- Replace all strcpy() calls with strncpy() to prevent buffer overflows
- Add buffer overflow checking in client_printf() vsnprintf result
- Implement UTF-8 sequence validation to prevent malformed input
- Add utf8_is_valid_sequence() function with complete validation
- Enhance read_username() with UTF-8 boundary checks
- Add UTF-8 validation for message input handling

These changes address:
- Buffer overflow vulnerabilities (lines 178, 423, 510)
- Insufficient vsnprintf() error checking (line 106)
- Missing UTF-8 sequence validation (lines 156-171)

Fixes prevent:
- Buffer overflow attacks
- Overlong UTF-8 encoding exploits
- Invalid UTF-8 surrogates injection

2026-01-22 13:54:15 +08:00

m1ngsama

63274b92ba

Initial commit

2025-07-01 09:00:00 +08:00

2 commits