commit 661a5ee03c1ff438edd46994653c8a5fa3cd075e
parent 8632cd8c4bb87b5f120d2a518f9ad4807b83c93c
Author: Evgeny Grin (Karlson2k) <k2k@narod.ru>
Date: Tue, 12 Apr 2016 14:36:16 +0000
MHD_digest_auth_check(): used internal function to decode nc, fixed incorrect check
(should be 'ULONG_MAX', not 'LONG_MAX'), new check is more strict.
Function should be more secure now.
Diffstat:
1 file changed, 3 insertions(+), 6 deletions(-)
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c
@@ -668,7 +668,7 @@ MHD_digest_auth_check (struct MHD_Connection *connection,
(0 == lookup_sub_value (qop, sizeof (qop), header, "qop")) ||
( (0 != strcmp (qop, "auth")) &&
(0 != strcmp (qop, "")) ) ||
- (0 == lookup_sub_value (nc, sizeof (nc), header, "nc")) ||
+ (0 == (len = lookup_sub_value (nc, sizeof (nc), header, "nc")) ) ||
(0 == lookup_sub_value (response, sizeof (response), header, "response")) )
{
#ifdef HAVE_MESSAGES
@@ -677,14 +677,11 @@ MHD_digest_auth_check (struct MHD_Connection *connection,
#endif
return MHD_NO;
}
- nci = strtoul (nc, &end, 16);
- if ( ('\0' != *end) ||
- ( (LONG_MAX == nci) &&
- (ERANGE == errno) ) )
+ if (len != MHD_strx_to_uint64_n_ (nc, len, &nci))
{
#ifdef HAVE_MESSAGES
MHD_DLOG (connection->daemon,
- "Authentication failed, invalid format.\n");
+ "Authentication failed, invalid nc format.\n");
#endif
return MHD_NO; /* invalid nonce format */
}
