gen_auth: treat empty header as invalid - libmicrohttpd - HTTP/1.x server C library (MHD 1.x, stable)

commit b00a58cfa72085c5e9353aa3b5ecfeba43984fce
parent 4520ac2d3138c7af40b69d75801b64d07bb2464c
Author: Evgeny Grin (Karlson2k) <k2k@narod.ru>
Date:   Fri,  3 Jun 2022 15:59:40 +0300

gen_auth: treat empty header as invalid

Diffstat:
M src/microhttpd/gen_auth.c  | 14 ++++++++++++++

1 file changed, 14 insertions(+), 0 deletions(-)
diff --git a/src/microhttpd/gen_auth.c b/src/microhttpd/gen_auth.c
@@ -371,6 +371,20 @@ parse_auth_rq_header_ (struct MHD_Connection *c)
   h += i;
   h_len -= i;
 
+  if (0 == h_len)
+  { /* The header is an empty string */
+    rq_auth = (struct MHD_AuthRqHeader *)
+              MHD_connection_alloc_memory_ (c,
+                                            sizeof (struct MHD_AuthRqHeader));
+    c->rq_auth = rq_auth;
+    if (NULL != rq_auth)
+    {
+      memset (rq_auth, 0, sizeof(struct MHD_AuthRqHeader));
+      rq_auth->auth_type = MHD_AUTHTYPE_INVALID;
+    }
+    return false;
+  }
+
 #ifdef DAUTH_SUPPORT
   if (1)
   {

	libmicrohttpd HTTP/1.x server C library (MHD 1.x, stable)
	Log \| Files \| Refs \| Submodules \| README \| LICENSE