commit 4b3895dd4aa47e550839c11889381e8442e20a4e
parent 171e6d0591b0c81c6999a9e0d8f65b5624a76f15
Author: Evgeny Grin (Karlson2k) <k2k@narod.ru>
Date: Fri, 6 May 2022 15:05:43 +0300
digestauth: added check for valid nonce format in the nonce-nc map
This is required to prevent strlen() runaway.
Diffstat:
1 file changed, 5 insertions(+), 0 deletions(-)
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c
@@ -859,6 +859,11 @@ is_slot_available (const struct MHD_NonceNc *const nn,
return true; /* Client already used the nonce in this slot at least
one time, re-use the slot */
+ /* The nonce must be zero-terminated */
+ mhd_assert (0 == nn->nonce[sizeof(nn->nonce) - 1]);
+ if (0 != nn->nonce[sizeof(nn->nonce) - 1])
+ return true; /* Wrong nonce format in the slot */
+
timestamp_valid = get_nonce_timestamp (nn->nonce, 0, ×tamp);
mhd_assert (timestamp_valid);
if (! timestamp_valid)
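Review bot: The new comment on the guard in is_slot_available says what is checked but not why, and the reason is the security-relevant part: the commit message ties it to strlen() running past the end of nn->nonce, presumably inside get_nonce_timestamp() when it is called with length 0 a few lines below. I would spell that out, e.g. `/* Last byte must be 0: get_nonce_timestamp() is called with length 0 and must find the terminator inside nn->nonce */`. The test only bounds the scan to the array and does not validate the rest of the nonce, so `/* Wrong nonce format in the slot */` overstates what is checked; `/* Nonce in the slot is not zero-terminated */` would be more accurate. In builds where mhd_assert is a no-op, a non-terminated slot is silently reported as available and reused, which hides what is most likely memory corruption or a bug at the write site (not visible here), so a log line or counter on that path would help detection. The function starts before and continues after this hunk.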