commit 2aa0b2234d89cd6fa98b60430e86a66fac4f2a3e
parent 91e76659458849a184f7862504943d9cc2012206
Author: Christian Grothoff <christian@grothoff.org>
Date: Mon, 18 Jan 2016 20:56:34 +0000
add redundant length check to make static checkers happy and to avoid trouble in the future
Diffstat:
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c
@@ -303,7 +303,7 @@ lookup_sub_value (char *dest,
* @param connection The MHD connection structure
* @param nonce A pointer that referenced a zero-terminated array of nonce
* @param nc The nonce counter, zero to add the nonce to the array
- * @return MHD_YES if successful, MHD_NO if invalid (or we have no NC array)
+ * @return #MHD_YES if successful, #MHD_NO if invalid (or we have no NC array)
*/
static int
check_nonce_nc (struct MHD_Connection *connection,
@@ -314,6 +314,11 @@ check_nonce_nc (struct MHD_Connection *connection,
uint32_t mod;
const char *np;
+ if (MAX_NONCE_LENGTH <= strlen (nonce))
+ return MHD_NO; /* This should be impossible, but static analysis
+ tools have a hard time with it *and* this also
+ protects against unsafe modifications that may
+ happen in the future... */
mod = connection->daemon->nonce_nc_size;
if (0 == mod)
return MHD_NO; /* no array! */
@@ -335,8 +340,8 @@ check_nonce_nc (struct MHD_Connection *connection,
(void) MHD_mutex_lock_ (&connection->daemon->nnc_lock);
if (0 == nc)
{
- strcpy(connection->daemon->nnc[off].nonce,
- nonce);
+ strcpy (connection->daemon->nnc[off].nonce,
+ nonce);
connection->daemon->nnc[off].nc = 0;
(void) MHD_mutex_unlock_ (&connection->daemon->nnc_lock);
return MHD_YES;
