www.cendio.com
Bug 5255 - webaccess tracebacks to log on \0 in username
: webaccess tracebacks to log on \0 in username
Status: CLOSED FIXED
: ThinLinc
Web Access
: trunk
: PC Unknown
: P2 Normal
: 4.3.0
Assigned To:
:
:
:
:
  Show dependency treegraph
 
Reported: 2014-09-12 16:44 by
Modified: 2014-10-09 11:32 (History)
Acceptance Criteria:


Attachments


Note

You need to log in before you can comment on or make changes to this bug.


Description From cendio 2014-09-12 16:44:37
A single client looping one request may produce up to a megabyte of log data
per minute.
------- Comment #2 From cendio 2014-09-16 13:37:30 -------
Fixed in commit 29367.

The issue is reproduced by using following url:

https://tlwebaccess:300/main/?loginsubmit=1&username=cendio%00&pamresponse=pass
------- Comment #3 From cendio 2014-10-09 11:32:15 -------
Works.