diff options
author | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2022-07-24 13:51:15 +0300 |
---|---|---|
committer | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2022-07-28 07:21:33 +0300 |
commit | 4baec145d4c68fbd8efd4052abca24d244bf3188 (patch) | |
tree | 1d383e3472c2f811733377c89eaa81785c18b25b | |
parent | 13db035fc9e191e99dbaf3507e45516eb4ffeabd (diff) | |
download | libmicrohttpd-4baec145d4c68fbd8efd4052abca24d244bf3188.tar.gz libmicrohttpd-4baec145d4c68fbd8efd4052abca24d244bf3188.zip |
Digest Auth public structs: removed redundant member
Added one more check for data validity.
-rw-r--r-- | src/include/microhttpd.h | 45 | ||||
-rw-r--r-- | src/microhttpd/digestauth.c | 18 | ||||
-rw-r--r-- | src/testcurl/test_digestauth_emu_ext.c | 4 |
3 files changed, 39 insertions, 28 deletions
diff --git a/src/include/microhttpd.h b/src/include/microhttpd.h index dac05e85..9cf44ccb 100644 --- a/src/include/microhttpd.h +++ b/src/include/microhttpd.h | |||
@@ -96,7 +96,7 @@ extern "C" | |||
96 | * they are parsed as decimal numbers. | 96 | * they are parsed as decimal numbers. |
97 | * Example: 0x01093001 = 1.9.30-1. | 97 | * Example: 0x01093001 = 1.9.30-1. |
98 | */ | 98 | */ |
99 | #define MHD_VERSION 0x00097523 | 99 | #define MHD_VERSION 0x00097525 |
100 | 100 | ||
101 | /* If generic headers don't work on your platform, include headers | 101 | /* If generic headers don't work on your platform, include headers |
102 | which define 'va_list', 'size_t', 'ssize_t', 'intptr_t', 'off_t', | 102 | which define 'va_list', 'size_t', 'ssize_t', 'intptr_t', 'off_t', |
@@ -4664,7 +4664,7 @@ enum MHD_DigestAuthMultiQOP | |||
4664 | * | 4664 | * |
4665 | * Application may modify buffers as needed until #MHD_free() is called for | 4665 | * Application may modify buffers as needed until #MHD_free() is called for |
4666 | * pointer to this structure | 4666 | * pointer to this structure |
4667 | * @note Available since #MHD_VERSION 0x00097519 | 4667 | * @note Available since #MHD_VERSION 0x00097525 |
4668 | */ | 4668 | */ |
4669 | struct MHD_DigestAuthInfo | 4669 | struct MHD_DigestAuthInfo |
4670 | { | 4670 | { |
@@ -4676,10 +4676,12 @@ struct MHD_DigestAuthInfo | |||
4676 | * which uses other values! | 4676 | * which uses other values! |
4677 | */ | 4677 | */ |
4678 | enum MHD_DigestAuthAlgo3 algo; | 4678 | enum MHD_DigestAuthAlgo3 algo; |
4679 | |||
4679 | /** | 4680 | /** |
4680 | * The type of username used by client. | 4681 | * The type of username used by client. |
4681 | */ | 4682 | */ |
4682 | enum MHD_DigestAuthUsernameType uname_type; | 4683 | enum MHD_DigestAuthUsernameType uname_type; |
4684 | |||
4683 | /** | 4685 | /** |
4684 | * The username string. | 4686 | * The username string. |
4685 | * Valid only if username is standard, extended, or userhash. | 4687 | * Valid only if username is standard, extended, or userhash. |
@@ -4691,46 +4693,54 @@ struct MHD_DigestAuthInfo | |||
4691 | * This can be NULL is username is missing or invalid. | 4693 | * This can be NULL is username is missing or invalid. |
4692 | */ | 4694 | */ |
4693 | char *username; | 4695 | char *username; |
4696 | |||
4694 | /** | 4697 | /** |
4695 | * The length of the @a username. | 4698 | * The length of the @a username. |
4696 | * When the @a username is NULL, this member is always zero. | 4699 | * When the @a username is NULL, this member is always zero. |
4697 | */ | 4700 | */ |
4698 | size_t username_len; | 4701 | size_t username_len; |
4702 | |||
4699 | /** | 4703 | /** |
4700 | * The userhash decoded to binary form. | 4704 | * The userhash decoded to binary form. |
4701 | * Used only if username type is userhash, always NULL otherwise. | 4705 | * Used only if username type is userhash, always NULL otherwise. |
4702 | * @warning this is a binary data, no zero termination | 4706 | * When not NULL, this points to binary sequence @a username_len /2 bytes |
4707 | * long. | ||
4708 | * @warning This is binary data, no zero termination. | ||
4709 | * @warning To avoid buffer overruns, always check the size of the data before | ||
4710 | * use, because @ userhash_bin can point even to zero-sized | ||
4711 | * data. | ||
4703 | */ | 4712 | */ |
4704 | uint8_t *userhash_bin; | 4713 | uint8_t *userhash_bin; |
4705 | /** | 4714 | |
4706 | * The number of bytes pointed by the @a userhash_bin. | ||
4707 | * When the @a userhash_bin is NULL, this member is always zero. | ||
4708 | */ | ||
4709 | size_t userhash_bin_size; | ||
4710 | /** | 4715 | /** |
4711 | * The 'opaque' parameter value, as specified by client. | 4716 | * The 'opaque' parameter value, as specified by client. |
4712 | * NULL if not specified by client. | 4717 | * NULL if not specified by client. |
4713 | */ | 4718 | */ |
4714 | char *opaque; | 4719 | char *opaque; |
4720 | |||
4715 | /** | 4721 | /** |
4716 | * The length of the @a opaque. | 4722 | * The length of the @a opaque. |
4717 | * When the @a opaque is NULL, this member is always zero. | 4723 | * When the @a opaque is NULL, this member is always zero. |
4718 | */ | 4724 | */ |
4719 | size_t opaque_len; | 4725 | size_t opaque_len; |
4726 | |||
4720 | /** | 4727 | /** |
4721 | * The 'realm' parameter value, as specified by client. | 4728 | * The 'realm' parameter value, as specified by client. |
4722 | * NULL if not specified by client. | 4729 | * NULL if not specified by client. |
4723 | */ | 4730 | */ |
4724 | char *realm; | 4731 | char *realm; |
4732 | |||
4725 | /** | 4733 | /** |
4726 | * The length of the @a realm. | 4734 | * The length of the @a realm. |
4727 | * When the @a realm is NULL, this member is always zero. | 4735 | * When the @a realm is NULL, this member is always zero. |
4728 | */ | 4736 | */ |
4729 | size_t realm_len; | 4737 | size_t realm_len; |
4738 | |||
4730 | /** | 4739 | /** |
4731 | * The 'qop' parameter value. | 4740 | * The 'qop' parameter value. |
4732 | */ | 4741 | */ |
4733 | enum MHD_DigestAuthQOP qop; | 4742 | enum MHD_DigestAuthQOP qop; |
4743 | |||
4734 | /** | 4744 | /** |
4735 | * The length of the 'cnonce' parameter value, including possible | 4745 | * The length of the 'cnonce' parameter value, including possible |
4736 | * backslash-escape characters. | 4746 | * backslash-escape characters. |
@@ -4740,6 +4750,7 @@ struct MHD_DigestAuthInfo | |||
4740 | * characters long. | 4750 | * characters long. |
4741 | */ | 4751 | */ |
4742 | size_t cnonce_len; | 4752 | size_t cnonce_len; |
4753 | |||
4743 | /** | 4754 | /** |
4744 | * The nc parameter value. | 4755 | * The nc parameter value. |
4745 | * Can be used by application to limit the number of nonce re-uses. If @ nc | 4756 | * Can be used by application to limit the number of nonce re-uses. If @ nc |
@@ -4773,7 +4784,7 @@ MHD_digest_auth_get_request_info3 (struct MHD_Connection *connection); | |||
4773 | * | 4784 | * |
4774 | * Application may modify buffers as needed until #MHD_free() is called for | 4785 | * Application may modify buffers as needed until #MHD_free() is called for |
4775 | * pointer to this structure | 4786 | * pointer to this structure |
4776 | * @note Available since #MHD_VERSION 0x00097519 | 4787 | * @note Available since #MHD_VERSION 0x00097525 |
4777 | */ | 4788 | */ |
4778 | struct MHD_DigestAuthUsernameInfo | 4789 | struct MHD_DigestAuthUsernameInfo |
4779 | { | 4790 | { |
@@ -4783,6 +4794,7 @@ struct MHD_DigestAuthUsernameInfo | |||
4783 | * instead NULL is returned by #MHD_digest_auth_get_username3(). | 4794 | * instead NULL is returned by #MHD_digest_auth_get_username3(). |
4784 | */ | 4795 | */ |
4785 | enum MHD_DigestAuthUsernameType uname_type; | 4796 | enum MHD_DigestAuthUsernameType uname_type; |
4797 | |||
4786 | /** | 4798 | /** |
4787 | * The username string. | 4799 | * The username string. |
4788 | * Valid only if username is standard, extended, or userhash. | 4800 | * Valid only if username is standard, extended, or userhash. |
@@ -4794,22 +4806,23 @@ struct MHD_DigestAuthUsernameInfo | |||
4794 | * This can be NULL is username is missing or invalid. | 4806 | * This can be NULL is username is missing or invalid. |
4795 | */ | 4807 | */ |
4796 | char *username; | 4808 | char *username; |
4809 | |||
4797 | /** | 4810 | /** |
4798 | * The length of the @a username. | 4811 | * The length of the @a username. |
4799 | * When the @a username is NULL, this member is always zero. | 4812 | * When the @a username is NULL, this member is always zero. |
4800 | */ | 4813 | */ |
4801 | size_t username_len; | 4814 | size_t username_len; |
4815 | |||
4802 | /** | 4816 | /** |
4803 | * The userhash decoded to binary form. | 4817 | * The userhash decoded to binary form. |
4804 | * Used only if username type is userhash, always NULL if not used. | 4818 | * When not NULL, this points to binary sequence @a username_len /2 bytes |
4805 | * @warning this is a binary data, no zero termination | 4819 | * long. |
4820 | * @warning This is binary data, no zero termination. | ||
4821 | * @warning To avoid buffer overruns, always check the size of the data before | ||
4822 | * use, because @ userhash_bin can point even to zero-sized | ||
4823 | * data. | ||
4806 | */ | 4824 | */ |
4807 | uint8_t *userhash_bin; | 4825 | uint8_t *userhash_bin; |
4808 | /** | ||
4809 | * The number of bytes pointed by the @a userhash_bin. | ||
4810 | * When the @a userhash_bin is NULL, this member is always zero. | ||
4811 | */ | ||
4812 | size_t userhash_bin_size; | ||
4813 | }; | 4826 | }; |
4814 | 4827 | ||
4815 | /** | 4828 | /** |
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c index b1add8fc..b6a22785 100644 --- a/src/microhttpd/digestauth.c +++ b/src/microhttpd/digestauth.c | |||
@@ -881,20 +881,23 @@ get_rq_uname (const struct MHD_RqDAuth *params, | |||
881 | buf_used += uname_info->username_len + 1; | 881 | buf_used += uname_info->username_len + 1; |
882 | if (MHD_DIGEST_AUTH_UNAME_TYPE_USERHASH == uname_type) | 882 | if (MHD_DIGEST_AUTH_UNAME_TYPE_USERHASH == uname_type) |
883 | { | 883 | { |
884 | uname_info->userhash_bin_size = MHD_hex_to_bin (uname_info->username, | 884 | size_t res; |
885 | uname_info->username_len, | 885 | uint8_t *const bin_data = (uint8_t *) (buf + buf_used); |
886 | buf + buf_used); | 886 | res = MHD_hex_to_bin (uname_info->username, |
887 | if ( (0 == uname_info->userhash_bin_size) && | 887 | uname_info->username_len, |
888 | (0 != uname_info->username_len) ) | 888 | bin_data); |
889 | if (res != uname_info->username_len / 2) | ||
889 | { | 890 | { |
890 | uname_info->userhash_bin = NULL; | 891 | uname_info->userhash_bin = NULL; |
891 | uname_info->uname_type = MHD_DIGEST_AUTH_UNAME_TYPE_INVALID; | 892 | uname_info->uname_type = MHD_DIGEST_AUTH_UNAME_TYPE_INVALID; |
892 | } | 893 | } |
893 | else | 894 | else |
894 | { | 895 | { |
895 | uname_info->userhash_bin = (uint8_t *) (buf + buf_used); | 896 | /* Avoid pointers outside allocated region when the size is zero */ |
897 | uname_info->userhash_bin = (0 != res) ? | ||
898 | bin_data : (uint8_t *) uname_info->username; | ||
896 | uname_info->uname_type = MHD_DIGEST_AUTH_UNAME_TYPE_USERHASH; | 899 | uname_info->uname_type = MHD_DIGEST_AUTH_UNAME_TYPE_USERHASH; |
897 | buf_used += uname_info->userhash_bin_size; | 900 | buf_used += res; |
898 | } | 901 | } |
899 | } | 902 | } |
900 | else | 903 | else |
@@ -1093,7 +1096,6 @@ MHD_digest_auth_get_request_info3 (struct MHD_Connection *connection) | |||
1093 | info->username = uname_strct.username; | 1096 | info->username = uname_strct.username; |
1094 | info->username_len = uname_strct.username_len; | 1097 | info->username_len = uname_strct.username_len; |
1095 | info->userhash_bin = uname_strct.userhash_bin; | 1098 | info->userhash_bin = uname_strct.userhash_bin; |
1096 | info->userhash_bin_size = uname_strct.userhash_bin_size; | ||
1097 | } | 1099 | } |
1098 | else | 1100 | else |
1099 | info->uname_type = uname_type; | 1101 | info->uname_type = uname_type; |
diff --git a/src/testcurl/test_digestauth_emu_ext.c b/src/testcurl/test_digestauth_emu_ext.c index 2cd2519f..f4a0b9e8 100644 --- a/src/testcurl/test_digestauth_emu_ext.c +++ b/src/testcurl/test_digestauth_emu_ext.c | |||
@@ -383,8 +383,6 @@ ahc_echo (void *cls, | |||
383 | } | 383 | } |
384 | else if (NULL != creds->userhash_bin) | 384 | else if (NULL != creds->userhash_bin) |
385 | mhdErrorExitDesc ("'userhash_bin' is NOT NULL"); | 385 | mhdErrorExitDesc ("'userhash_bin' is NOT NULL"); |
386 | else if (0 != creds->userhash_bin_size) | ||
387 | mhdErrorExitDesc ("'userhash_bin_size' is NOT zero"); | ||
388 | MHD_free (creds); | 386 | MHD_free (creds); |
389 | 387 | ||
390 | dinfo = MHD_digest_auth_get_request_info3 (connection); | 388 | dinfo = MHD_digest_auth_get_request_info3 (connection); |
@@ -419,8 +417,6 @@ ahc_echo (void *cls, | |||
419 | } | 417 | } |
420 | else if (NULL != dinfo->userhash_bin) | 418 | else if (NULL != dinfo->userhash_bin) |
421 | mhdErrorExitDesc ("'userhash_bin' is NOT NULL"); | 419 | mhdErrorExitDesc ("'userhash_bin' is NOT NULL"); |
422 | else if (0 != dinfo->userhash_bin_size) | ||
423 | mhdErrorExitDesc ("'userhash_bin_size' is NOT zero"); | ||
424 | else if (MHD_DIGEST_AUTH_ALGO3_MD5 != dinfo->algo) | 420 | else if (MHD_DIGEST_AUTH_ALGO3_MD5 != dinfo->algo) |
425 | { | 421 | { |
426 | fprintf (stderr, "Unexpected 'algo'.\n" | 422 | fprintf (stderr, "Unexpected 'algo'.\n" |