diff options
author | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2016-04-08 16:31:05 +0000 |
---|---|---|
committer | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2016-04-08 16:31:05 +0000 |
commit | 1226d45eba22faf9d1f776f0d4151601364ca317 (patch) | |
tree | 3c5c84d93babdf4e103e20c14a333a591a255ae2 | |
parent | 6096c8a88ea2265016502c9ed677ac4116455da8 (diff) | |
download | libmicrohttpd-1226d45eba22faf9d1f776f0d4151601364ca317.tar.gz libmicrohttpd-1226d45eba22faf9d1f776f0d4151601364ca317.zip |
Check result of snprintf() in basicauth.c and digestauth.c, log more errors
-rw-r--r-- | src/microhttpd/basicauth.c | 27 | ||||
-rw-r--r-- | src/microhttpd/digestauth.c | 19 |
2 files changed, 35 insertions, 11 deletions
diff --git a/src/microhttpd/basicauth.c b/src/microhttpd/basicauth.c index 51f9cf93..bb9e1ea4 100644 --- a/src/microhttpd/basicauth.c +++ b/src/microhttpd/basicauth.c | |||
@@ -117,7 +117,7 @@ MHD_queue_basic_auth_fail_response (struct MHD_Connection *connection, | |||
117 | const char *realm, | 117 | const char *realm, |
118 | struct MHD_Response *response) | 118 | struct MHD_Response *response) |
119 | { | 119 | { |
120 | int ret; | 120 | int ret, res; |
121 | size_t hlen = strlen(realm) + strlen("Basic realm=\"\"") + 1; | 121 | size_t hlen = strlen(realm) + strlen("Basic realm=\"\"") + 1; |
122 | char *header; | 122 | char *header; |
123 | 123 | ||
@@ -130,18 +130,29 @@ MHD_queue_basic_auth_fail_response (struct MHD_Connection *connection, | |||
130 | #endif /* HAVE_MESSAGES */ | 130 | #endif /* HAVE_MESSAGES */ |
131 | return MHD_NO; | 131 | return MHD_NO; |
132 | } | 132 | } |
133 | MHD_snprintf_ (header, | 133 | res = MHD_snprintf_ (header, |
134 | hlen, | 134 | hlen, |
135 | "Basic realm=\"%s\"", | 135 | "Basic realm=\"%s\"", |
136 | realm); | 136 | realm); |
137 | ret = MHD_add_response_header (response, | 137 | if (res > 0 && res < hlen) |
138 | MHD_HTTP_HEADER_WWW_AUTHENTICATE, | 138 | ret = MHD_add_response_header (response, |
139 | header); | 139 | MHD_HTTP_HEADER_WWW_AUTHENTICATE, |
140 | header); | ||
141 | else | ||
142 | ret = MHD_NO; | ||
143 | |||
140 | free(header); | 144 | free(header); |
141 | if (MHD_YES == ret) | 145 | if (MHD_YES == ret) |
142 | ret = MHD_queue_response (connection, | 146 | ret = MHD_queue_response (connection, |
143 | MHD_HTTP_UNAUTHORIZED, | 147 | MHD_HTTP_UNAUTHORIZED, |
144 | response); | 148 | response); |
149 | else | ||
150 | { | ||
151 | #ifdef HAVE_MESSAGES | ||
152 | MHD_DLOG (connection->daemon, | ||
153 | "Failed to add Basic auth header\n"); | ||
154 | #endif /* HAVE_MESSAGES */ | ||
155 | } | ||
145 | return ret; | 156 | return ret; |
146 | } | 157 | } |
147 | 158 | ||
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c index 8e38dc41..851eaa3f 100644 --- a/src/microhttpd/digestauth.c +++ b/src/microhttpd/digestauth.c | |||
@@ -822,6 +822,7 @@ MHD_queue_auth_fail_response (struct MHD_Connection *connection, | |||
822 | signal_stale | 822 | signal_stale |
823 | ? ",stale=\"true\"" | 823 | ? ",stale=\"true\"" |
824 | : ""); | 824 | : ""); |
825 | if (hlen > 0) | ||
825 | { | 826 | { |
826 | char *header; | 827 | char *header; |
827 | 828 | ||
@@ -835,7 +836,7 @@ MHD_queue_auth_fail_response (struct MHD_Connection *connection, | |||
835 | return MHD_NO; | 836 | return MHD_NO; |
836 | } | 837 | } |
837 | 838 | ||
838 | MHD_snprintf_(header, | 839 | if (MHD_snprintf_(header, |
839 | hlen + 1, | 840 | hlen + 1, |
840 | "Digest realm=\"%s\",qop=\"auth\",nonce=\"%s\",opaque=\"%s\"%s", | 841 | "Digest realm=\"%s\",qop=\"auth\",nonce=\"%s\",opaque=\"%s\"%s", |
841 | realm, | 842 | realm, |
@@ -843,16 +844,28 @@ MHD_queue_auth_fail_response (struct MHD_Connection *connection, | |||
843 | opaque, | 844 | opaque, |
844 | signal_stale | 845 | signal_stale |
845 | ? ",stale=\"true\"" | 846 | ? ",stale=\"true\"" |
846 | : ""); | 847 | : "") == hlen) |
847 | ret = MHD_add_response_header(response, | 848 | ret = MHD_add_response_header(response, |
848 | MHD_HTTP_HEADER_WWW_AUTHENTICATE, | 849 | MHD_HTTP_HEADER_WWW_AUTHENTICATE, |
849 | header); | 850 | header); |
851 | else | ||
852 | ret = MHD_NO; | ||
850 | free(header); | 853 | free(header); |
851 | } | 854 | } |
855 | else | ||
856 | ret = MHD_NO; | ||
857 | |||
852 | if (MHD_YES == ret) | 858 | if (MHD_YES == ret) |
853 | ret = MHD_queue_response(connection, | 859 | ret = MHD_queue_response(connection, |
854 | MHD_HTTP_UNAUTHORIZED, | 860 | MHD_HTTP_UNAUTHORIZED, |
855 | response); | 861 | response); |
862 | else | ||
863 | { | ||
864 | #ifdef HAVE_MESSAGES | ||
865 | MHD_DLOG (connection->daemon, | ||
866 | "Failed to add Digest auth header\n"); | ||
867 | #endif /* HAVE_MESSAGES */ | ||
868 | } | ||
856 | return ret; | 869 | return ret; |
857 | } | 870 | } |
858 | 871 | ||