authorEvgeny Grin (Karlson2k) <k2k@narod.ru>2022-08-09 19:59:20 +0300
committerEvgeny Grin (Karlson2k) <k2k@narod.ru>2022-08-09 21:24:55 +0300
commit228ddbd181aa6562331f3841649637d73e9d3855 (patch)
tree26217e56f7836a6993a542f8779243f957cd5851
parent20001736f8970e3fdf0e8dc6018bfe2cfdeec950 (diff)
digestauth: limit nonce-count to uint32_t
-rw-r--r--src/microhttpd/digestauth.c6
-rw-r--r--src/microhttpd/internal.h2
2 files changed, 4 insertions, 4 deletions
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c
index d35a87a7..e9a7e35f 100644
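--- a/src/microhttpd/digestauth.c
+++ b/src/microhttpd/digestauth.c
@@ -590,7 +590,7 @@ check_nonce_nc (struct MHD_Connection *connection,
 mod = daemon->nonce_nc_size;
 if (0 == mod)
 return MHD_CHECK_NONCENC_STALE; /* no array! */
-if (nc >= UINT64_MAX - 64)
+if (nc >= UINT32_MAX - 64)
 return MHD_CHECK_NONCENC_STALE; /* Overflow, unrealistically high value */
 
 nn = &daemon->nnc[get_nonce_nc_idx (mod, nonce, noncelen)];
@@ -649,7 +649,7 @@ check_nonce_nc (struct MHD_Connection *connection,
 else if (nc > nn->nc)
 {
 /* 'nc' is larger, shift bitmask and bump limit */
-const uint64_t jump_size = nc - nn->nc;
+const uint32_t jump_size = (uint32_t) nc - nn->nc;
 if (64 > jump_size)
 {
 /* small jump, less than mask width */
@@ -661,7 +661,7 @@ check_nonce_nc (struct MHD_Connection *connection,
 nn->nmask = (UINT64_C (1) << 63);
 else
 nn->nmask = 0; /* big jump, unset all bits in the mask */
-nn->nc = nc;
+nn->nc = (uint32_t) nc;
 ret = MHD_CHECK_NONCENC_OK;
 }
 else if (nc < nn->nc)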
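Review bot: The `(uint32_t) nc` casts at new lines 652 and 664 are safe only because of the `nc >= UINT32_MAX - 64` guard at line 593, and nothing at the cast sites records that dependency. This is the replay-detection path, so a later edit that moves or loosens the guard would silently truncate the counter and compare a wrapped value against `nn->nc`. I would narrow once directly after the guard, `const uint32_t nc32 = (uint32_t) nc; /* in range: checked against UINT32_MAX - 64 above */`, and use `nc32` in the comparisons and the store, or at minimum put `mhd_assert (nc < UINT32_MAX);` ahead of the first cast. The declaration of `nc` and the rest of check_nonce_nc lie outside the hunks; the casts suggest the parameter is still 64-bit.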
diff --git a/src/microhttpd/internal.h b/src/microhttpd/internal.h
index e9ffb28a..e91369ad 100644
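--- a/src/microhttpd/internal.h
+++ b/src/microhttpd/internal.h
@@ -268,7 +268,7 @@ struct MHD_NonceNc
 * 'nc' value.
 * This 'nc' value was already used by the client.
 */
-uint64_t nc;
+uint32_t nc;
 
 /**
 * Bitmask over the previous 64 nonce counter values (down to to nc-64).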
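Review bot: The field comment visible at lines 268-270 says only that the value was already used by the client and does not mention the range that the narrower type now imposes. Since check_nonce_nc() treats anything at or above `UINT32_MAX - 64` as stale, I would add a line such as `* Always below UINT32_MAX - 64; larger values are rejected in check_nonce_nc().` so a reader of the struct does not have to find the guard in digestauth.c. The start of that comment and the rest of struct MHD_NonceNc are outside the hunk.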