commit 8a2da6d6a3b7ab04b3bd0506d0f245997bb49b52
parent 3fcec14c8d2a25db33b6f7e42cf7430f07250b10
Author: Evgeny Grin (Karlson2k) <k2k@narod.ru>
Date: Sun, 5 Jun 2022 12:24:34 +0300
gen_auth: do not allow the equal sign alone for digest auth
Diffstat:
1 file changed, 2 insertions(+), 0 deletions(-)
diff --git a/src/microhttpd/gen_auth.c b/src/microhttpd/gen_auth.c
@@ -175,6 +175,8 @@ parse_dauth_params (const char *str,
mhd_assert ('\t' != str[i]);
left = str_len - i;
+ if ('=' == str[i])
+ return false; /* The equal sign is not allowed as the first character */
for (p = 0; p < sizeof(map) / sizeof(map[0]); p++)
{
struct dauth_token_param *const aparam = map + p;
