diff options
author | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2014-12-22 19:42:31 +0000 |
---|---|---|
committer | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2014-12-22 19:42:31 +0000 |
commit | 001c1fdad596c41a67f08653ada5d46401dd9792 (patch) | |
tree | c22cef00de9a00664607e9be18af3127b7a403fe | |
parent | 03af50116d05118c328eb8910b9c512948414ca7 (diff) | |
download | libmicrohttpd-001c1fdad596c41a67f08653ada5d46401dd9792.tar.gz libmicrohttpd-001c1fdad596c41a67f08653ada5d46401dd9792.zip |
Replace char variable size arrays with malloc'ed buffers
-rw-r--r-- | src/microhttpd/basicauth.c | 16 | ||||
-rw-r--r-- | src/microhttpd/digestauth.c | 62 |
2 files changed, 66 insertions, 12 deletions
diff --git a/src/microhttpd/basicauth.c b/src/microhttpd/basicauth.c index 0d1309f2..24bafc31 100644 --- a/src/microhttpd/basicauth.c +++ b/src/microhttpd/basicauth.c | |||
@@ -119,15 +119,25 @@ MHD_queue_basic_auth_fail_response (struct MHD_Connection *connection, | |||
119 | { | 119 | { |
120 | int ret; | 120 | int ret; |
121 | size_t hlen = strlen(realm) + strlen("Basic realm=\"\"") + 1; | 121 | size_t hlen = strlen(realm) + strlen("Basic realm=\"\"") + 1; |
122 | char header[hlen]; | 122 | char *header; |
123 | 123 | ||
124 | header = (char*)malloc(hlen); | ||
125 | if (NULL == header) | ||
126 | { | ||
127 | #if HAVE_MESSAGES | ||
128 | MHD_DLOG(connection->daemon, | ||
129 | "Failed to allocate memory for auth header\n"); | ||
130 | #endif /* HAVE_MESSAGES */ | ||
131 | return MHD_NO; | ||
132 | } | ||
124 | MHD_snprintf_ (header, | 133 | MHD_snprintf_ (header, |
125 | sizeof (header), | 134 | hlen, |
126 | "Basic realm=\"%s\"", | 135 | "Basic realm=\"%s\"", |
127 | realm); | 136 | realm); |
128 | ret = MHD_add_response_header (response, | 137 | ret = MHD_add_response_header (response, |
129 | MHD_HTTP_HEADER_WWW_AUTHENTICATE, | 138 | MHD_HTTP_HEADER_WWW_AUTHENTICATE, |
130 | header); | 139 | header); |
140 | free(header); | ||
131 | if (MHD_YES == ret) | 141 | if (MHD_YES == ret) |
132 | ret = MHD_queue_response (connection, | 142 | ret = MHD_queue_response (connection, |
133 | MHD_HTTP_UNAUTHORIZED, | 143 | MHD_HTTP_UNAUTHORIZED, |
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c index 4bab177a..18a6c5f9 100644 --- a/src/microhttpd/digestauth.c +++ b/src/microhttpd/digestauth.c | |||
@@ -480,15 +480,22 @@ check_argument_match (struct MHD_Connection *connection, | |||
480 | const char *args) | 480 | const char *args) |
481 | { | 481 | { |
482 | struct MHD_HTTP_Header *pos; | 482 | struct MHD_HTTP_Header *pos; |
483 | size_t slen = strlen (args) + 1; | 483 | char *argb; |
484 | char argb[slen]; | ||
485 | char *argp; | 484 | char *argp; |
486 | char *equals; | 485 | char *equals; |
487 | char *amper; | 486 | char *amper; |
488 | unsigned int num_headers; | 487 | unsigned int num_headers; |
489 | 488 | ||
489 | argb = strdup(args); | ||
490 | if (NULL == argb) | ||
491 | { | ||
492 | #if HAVE_MESSAGES | ||
493 | MHD_DLOG(connection->daemon, | ||
494 | "Failed to allocate memory for copy of URI arguments\n"); | ||
495 | #endif /* HAVE_MESSAGES */ | ||
496 | return MHD_NO; | ||
497 | } | ||
490 | num_headers = 0; | 498 | num_headers = 0; |
491 | memcpy (argb, args, slen); | ||
492 | argp = argb; | 499 | argp = argb; |
493 | while ( (NULL != argp) && | 500 | while ( (NULL != argp) && |
494 | ('\0' != argp[0]) ) | 501 | ('\0' != argp[0]) ) |
@@ -626,12 +633,24 @@ MHD_digest_auth_check (struct MHD_Connection *connection, | |||
626 | return MHD_NO; | 633 | return MHD_NO; |
627 | } | 634 | } |
628 | { | 635 | { |
629 | char uri[left]; | 636 | char *uri; |
630 | 637 | ||
638 | uri = malloc(left + 1); | ||
639 | if (NULL == uri) | ||
640 | { | ||
641 | #if HAVE_MESSAGES | ||
642 | MHD_DLOG(connection->daemon, | ||
643 | "Failed to allocate memory for auth header processing\n"); | ||
644 | #endif /* HAVE_MESSAGES */ | ||
645 | return MHD_NO; | ||
646 | } | ||
631 | if (0 == lookup_sub_value (uri, | 647 | if (0 == lookup_sub_value (uri, |
632 | sizeof (uri), | 648 | left + 1, |
633 | header, "uri")) | 649 | header, "uri")) |
650 | { | ||
651 | free(uri); | ||
634 | return MHD_NO; | 652 | return MHD_NO; |
653 | } | ||
635 | 654 | ||
636 | /* 8 = 4 hexadecimal numbers for the timestamp */ | 655 | /* 8 = 4 hexadecimal numbers for the timestamp */ |
637 | nonce_time = strtoul (nonce + len - 8, (char **)NULL, 16); | 656 | nonce_time = strtoul (nonce + len - 8, (char **)NULL, 16); |
@@ -643,7 +662,10 @@ MHD_digest_auth_check (struct MHD_Connection *connection, | |||
643 | */ | 662 | */ |
644 | if ( (t > nonce_time + nonce_timeout) || | 663 | if ( (t > nonce_time + nonce_timeout) || |
645 | (nonce_time + nonce_timeout < nonce_time) ) | 664 | (nonce_time + nonce_timeout < nonce_time) ) |
665 | { | ||
666 | free(uri); | ||
646 | return MHD_INVALID_NONCE; | 667 | return MHD_INVALID_NONCE; |
668 | } | ||
647 | if (0 != strncmp (uri, | 669 | if (0 != strncmp (uri, |
648 | connection->url, | 670 | connection->url, |
649 | strlen (connection->url))) | 671 | strlen (connection->url))) |
@@ -652,6 +674,7 @@ MHD_digest_auth_check (struct MHD_Connection *connection, | |||
652 | MHD_DLOG (connection->daemon, | 674 | MHD_DLOG (connection->daemon, |
653 | "Authentication failed, URI does not match.\n"); | 675 | "Authentication failed, URI does not match.\n"); |
654 | #endif | 676 | #endif |
677 | free(uri); | ||
655 | return MHD_NO; | 678 | return MHD_NO; |
656 | } | 679 | } |
657 | { | 680 | { |
@@ -669,7 +692,8 @@ MHD_digest_auth_check (struct MHD_Connection *connection, | |||
669 | MHD_DLOG (connection->daemon, | 692 | MHD_DLOG (connection->daemon, |
670 | "Authentication failed, arguments do not match.\n"); | 693 | "Authentication failed, arguments do not match.\n"); |
671 | #endif | 694 | #endif |
672 | return MHD_NO; | 695 | free(uri); |
696 | return MHD_NO; | ||
673 | } | 697 | } |
674 | } | 698 | } |
675 | calculate_nonce (nonce_time, | 699 | calculate_nonce (nonce_time, |
@@ -690,7 +714,10 @@ MHD_digest_auth_check (struct MHD_Connection *connection, | |||
690 | */ | 714 | */ |
691 | 715 | ||
692 | if (0 != strcmp (nonce, noncehashexp)) | 716 | if (0 != strcmp (nonce, noncehashexp)) |
717 | { | ||
718 | free(uri); | ||
693 | return MHD_INVALID_NONCE; | 719 | return MHD_INVALID_NONCE; |
720 | } | ||
694 | if ( (0 == lookup_sub_value (cnonce, | 721 | if ( (0 == lookup_sub_value (cnonce, |
695 | sizeof (cnonce), | 722 | sizeof (cnonce), |
696 | header, "cnonce")) || | 723 | header, "cnonce")) || |
@@ -704,6 +731,7 @@ MHD_digest_auth_check (struct MHD_Connection *connection, | |||
704 | MHD_DLOG (connection->daemon, | 731 | MHD_DLOG (connection->daemon, |
705 | "Authentication failed, invalid format.\n"); | 732 | "Authentication failed, invalid format.\n"); |
706 | #endif | 733 | #endif |
734 | free(uri); | ||
707 | return MHD_NO; | 735 | return MHD_NO; |
708 | } | 736 | } |
709 | nci = strtoul (nc, &end, 16); | 737 | nci = strtoul (nc, &end, 16); |
@@ -715,6 +743,7 @@ MHD_digest_auth_check (struct MHD_Connection *connection, | |||
715 | MHD_DLOG (connection->daemon, | 743 | MHD_DLOG (connection->daemon, |
716 | "Authentication failed, invalid format.\n"); | 744 | "Authentication failed, invalid format.\n"); |
717 | #endif | 745 | #endif |
746 | free(uri); | ||
718 | return MHD_NO; /* invalid nonce format */ | 747 | return MHD_NO; /* invalid nonce format */ |
719 | } | 748 | } |
720 | /* | 749 | /* |
@@ -724,7 +753,10 @@ MHD_digest_auth_check (struct MHD_Connection *connection, | |||
724 | */ | 753 | */ |
725 | 754 | ||
726 | if (MHD_YES != check_nonce_nc (connection, nonce, nci)) | 755 | if (MHD_YES != check_nonce_nc (connection, nonce, nci)) |
756 | { | ||
757 | free(uri); | ||
727 | return MHD_NO; | 758 | return MHD_NO; |
759 | } | ||
728 | 760 | ||
729 | digest_calc_ha1("md5", | 761 | digest_calc_ha1("md5", |
730 | username, | 762 | username, |
@@ -742,6 +774,7 @@ MHD_digest_auth_check (struct MHD_Connection *connection, | |||
742 | uri, | 774 | uri, |
743 | hentity, | 775 | hentity, |
744 | respexp); | 776 | respexp); |
777 | free(uri); | ||
745 | return (0 == strcmp(response, respexp)) | 778 | return (0 == strcmp(response, respexp)) |
746 | ? MHD_YES | 779 | ? MHD_YES |
747 | : MHD_NO; | 780 | : MHD_NO; |
@@ -801,10 +834,20 @@ MHD_queue_auth_fail_response (struct MHD_Connection *connection, | |||
801 | ? ",stale=\"true\"" | 834 | ? ",stale=\"true\"" |
802 | : ""); | 835 | : ""); |
803 | { | 836 | { |
804 | char header[hlen + 1]; | 837 | char *header; |
838 | |||
839 | header = malloc(hlen + 1); | ||
840 | if (NULL == header) | ||
841 | { | ||
842 | #if HAVE_MESSAGES | ||
843 | MHD_DLOG(connection->daemon, | ||
844 | "Failed to allocate memory for auth response header\n"); | ||
845 | #endif /* HAVE_MESSAGES */ | ||
846 | return MHD_NO; | ||
847 | } | ||
805 | 848 | ||
806 | MHD_snprintf_(header, | 849 | MHD_snprintf_(header, |
807 | sizeof(header), | 850 | hlen + 1, |
808 | "Digest realm=\"%s\",qop=\"auth\",nonce=\"%s\",opaque=\"%s\"%s", | 851 | "Digest realm=\"%s\",qop=\"auth\",nonce=\"%s\",opaque=\"%s\"%s", |
809 | realm, | 852 | realm, |
810 | nonce, | 853 | nonce, |
@@ -815,6 +858,7 @@ MHD_queue_auth_fail_response (struct MHD_Connection *connection, | |||
815 | ret = MHD_add_response_header(response, | 858 | ret = MHD_add_response_header(response, |
816 | MHD_HTTP_HEADER_WWW_AUTHENTICATE, | 859 | MHD_HTTP_HEADER_WWW_AUTHENTICATE, |
817 | header); | 860 | header); |
861 | free(header); | ||
818 | } | 862 | } |
819 | if (MHD_YES == ret) | 863 | if (MHD_YES == ret) |
820 | ret = MHD_queue_response(connection, | 864 | ret = MHD_queue_response(connection, |