5255 – webaccess tracebacks to log on \0 in username

Bug 5255 - webaccess tracebacks to log on \0 in username

Summary: webaccess tracebacks to log on \0 in username

Status:	CLOSED FIXED

Alias:	None

Product:	ThinLinc
Classification:	Unclassified
Component:	Web Access (show other bugs)
Version:	trunk
Hardware:	PC Unknown

Importance:	P2 Normal
Target Milestone:	4.3.0
Assignee:	Henrik Andersson

URL:
Keywords:	astrand_tester, prosaic

Depends on:
Blocks:

Reported:	2014-09-12 16:44 CEST by Karl Mikaelsson
Modified:	2022-10-21 16:18 CEST (History)
CC List:	0 users

See Also:
Acceptance Criteria:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Karl Mikaelsson cendio

2014-09-12 16:44:37 CEST

A single client looping one request may produce up to a megabyte of log data per minute.

Comment 2 Henrik Andersson cendio

2014-09-16 13:37:30 CEST

Fixed in commit 29367.

The issue is reproduced by using following url:

https://tlwebaccess:300/main/?loginsubmit=1&username=cendio%00&pamresponse=pass

Comment 3 Peter Åstrand cendio

2014-10-09 11:32:15 CEST

Works.

Note You need to log in before you can comment on or make changes to this bug.