commit 8457dfc7b6a643802accba03c09a7602922a63f1
parent a3527f080a807060ddc4ae4bb4e395194c1bfd16
Author: Evgeny Grin (Karlson2k) <k2k@narod.ru>
Date: Sun, 1 May 2022 16:12:22 +0300
check_nonce_nc(): moved 'nc' overflow check out of mutex lock
Diffstat:
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c
@@ -599,7 +599,10 @@ check_nonce_nc (struct MHD_Connection *connection,
happen in the future... */
mod = daemon->nonce_nc_size;
if (0 == mod)
- return false; /* no array! */
+ return false; /* no array! */
+ if (nc + 64 < nc)
+ return false; /* Overflow, unrealistically high value */
+
/* HT lookup in nonce array */
off = fast_simple_hash ((const uint8_t *) nonce, noncelen) % mod;
/*
@@ -619,7 +622,6 @@ check_nonce_nc (struct MHD_Connection *connection,
/* Note that we use 64 here, as we do not store the
bit for 'nn->nc' itself in 'nn->nmask' */
else if ( (nc < nn->nc) &&
- (nc + 64 > nc /* checking for overflow */) &&
(nc + 64 >= nn->nc) &&
(0 == ((1LLU << (nn->nc - nc - 1)) & nn->nmask)) )
{
