Fixed vulnerability TALOS-2023-1746 reported by Cisco TALOS.

yasosa305 · yasosa305 · commit 80d4004f1374 · 2023-06-29T17:28:29.000-04:00
diff --git a/Server/Source/http-s_req.c b/Server/Source/http-s_req.c
@@ -1741,7 +1741,7 @@ static  void  HTTPsReq_HdrParse (HTTPs_INSTANCE  *p_instance,
                                                          p_field_end,
                                                         &len);
 
-                         len   = DEF_MIN(len, p_cfg->HostNameLenMax);
+                         len   = DEF_MIN(len, p_cfg->HostNameLenMax - 1);
 
                                                                 /* Copy host name val in Conn struct.                   */
                          (void)Str_Copy_N(p_conn->HostPtr, p_val, len);
