aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorEvgeny Grin (Karlson2k) <k2k@narod.ru>2022-07-24 13:51:15 +0300
committerEvgeny Grin (Karlson2k) <k2k@narod.ru>2022-07-28 07:21:33 +0300
commit4baec145d4c68fbd8efd4052abca24d244bf3188 (patch)
tree1d383e3472c2f811733377c89eaa81785c18b25b
parent13db035fc9e191e99dbaf3507e45516eb4ffeabd (diff)
downloadlibmicrohttpd-4baec145d4c68fbd8efd4052abca24d244bf3188.tar.gz
libmicrohttpd-4baec145d4c68fbd8efd4052abca24d244bf3188.zip
Digest Auth public structs: removed redundant member
Added one more check for data validity.
-rw-r--r--src/include/microhttpd.h45
-rw-r--r--src/microhttpd/digestauth.c18
-rw-r--r--src/testcurl/test_digestauth_emu_ext.c4
3 files changed, 39 insertions, 28 deletions
diff --git a/src/include/microhttpd.h b/src/include/microhttpd.h
index dac05e85..9cf44ccb 100644
--- a/src/include/microhttpd.h
+++ b/src/include/microhttpd.h
@@ -96,7 +96,7 @@ extern "C"
96 * they are parsed as decimal numbers. 96 * they are parsed as decimal numbers.
97 * Example: 0x01093001 = 1.9.30-1. 97 * Example: 0x01093001 = 1.9.30-1.
98 */ 98 */
99#define MHD_VERSION 0x00097523 99#define MHD_VERSION 0x00097525
100 100
101/* If generic headers don't work on your platform, include headers 101/* If generic headers don't work on your platform, include headers
102 which define 'va_list', 'size_t', 'ssize_t', 'intptr_t', 'off_t', 102 which define 'va_list', 'size_t', 'ssize_t', 'intptr_t', 'off_t',
@@ -4664,7 +4664,7 @@ enum MHD_DigestAuthMultiQOP
4664 * 4664 *
4665 * Application may modify buffers as needed until #MHD_free() is called for 4665 * Application may modify buffers as needed until #MHD_free() is called for
4666 * pointer to this structure 4666 * pointer to this structure
4667 * @note Available since #MHD_VERSION 0x00097519 4667 * @note Available since #MHD_VERSION 0x00097525
4668 */ 4668 */
4669struct MHD_DigestAuthInfo 4669struct MHD_DigestAuthInfo
4670{ 4670{
@@ -4676,10 +4676,12 @@ struct MHD_DigestAuthInfo
4676 * which uses other values! 4676 * which uses other values!
4677 */ 4677 */
4678 enum MHD_DigestAuthAlgo3 algo; 4678 enum MHD_DigestAuthAlgo3 algo;
4679
4679 /** 4680 /**
4680 * The type of username used by client. 4681 * The type of username used by client.
4681 */ 4682 */
4682 enum MHD_DigestAuthUsernameType uname_type; 4683 enum MHD_DigestAuthUsernameType uname_type;
4684
4683 /** 4685 /**
4684 * The username string. 4686 * The username string.
4685 * Valid only if username is standard, extended, or userhash. 4687 * Valid only if username is standard, extended, or userhash.
@@ -4691,46 +4693,54 @@ struct MHD_DigestAuthInfo
4691 * This can be NULL is username is missing or invalid. 4693 * This can be NULL is username is missing or invalid.
4692 */ 4694 */
4693 char *username; 4695 char *username;
4696
4694 /** 4697 /**
4695 * The length of the @a username. 4698 * The length of the @a username.
4696 * When the @a username is NULL, this member is always zero. 4699 * When the @a username is NULL, this member is always zero.
4697 */ 4700 */
4698 size_t username_len; 4701 size_t username_len;
4702
4699 /** 4703 /**
4700 * The userhash decoded to binary form. 4704 * The userhash decoded to binary form.
4701 * Used only if username type is userhash, always NULL otherwise. 4705 * Used only if username type is userhash, always NULL otherwise.
4702 * @warning this is a binary data, no zero termination 4706 * When not NULL, this points to binary sequence @a username_len /2 bytes
4707 * long.
4708 * @warning This is binary data, no zero termination.
4709 * @warning To avoid buffer overruns, always check the size of the data before
4710 * use, because @ userhash_bin can point even to zero-sized
4711 * data.
4703 */ 4712 */
4704 uint8_t *userhash_bin; 4713 uint8_t *userhash_bin;
4705 /** 4714
4706 * The number of bytes pointed by the @a userhash_bin.
4707 * When the @a userhash_bin is NULL, this member is always zero.
4708 */
4709 size_t userhash_bin_size;
4710 /** 4715 /**
4711 * The 'opaque' parameter value, as specified by client. 4716 * The 'opaque' parameter value, as specified by client.
4712 * NULL if not specified by client. 4717 * NULL if not specified by client.
4713 */ 4718 */
4714 char *opaque; 4719 char *opaque;
4720
4715 /** 4721 /**
4716 * The length of the @a opaque. 4722 * The length of the @a opaque.
4717 * When the @a opaque is NULL, this member is always zero. 4723 * When the @a opaque is NULL, this member is always zero.
4718 */ 4724 */
4719 size_t opaque_len; 4725 size_t opaque_len;
4726
4720 /** 4727 /**
4721 * The 'realm' parameter value, as specified by client. 4728 * The 'realm' parameter value, as specified by client.
4722 * NULL if not specified by client. 4729 * NULL if not specified by client.
4723 */ 4730 */
4724 char *realm; 4731 char *realm;
4732
4725 /** 4733 /**
4726 * The length of the @a realm. 4734 * The length of the @a realm.
4727 * When the @a realm is NULL, this member is always zero. 4735 * When the @a realm is NULL, this member is always zero.
4728 */ 4736 */
4729 size_t realm_len; 4737 size_t realm_len;
4738
4730 /** 4739 /**
4731 * The 'qop' parameter value. 4740 * The 'qop' parameter value.
4732 */ 4741 */
4733 enum MHD_DigestAuthQOP qop; 4742 enum MHD_DigestAuthQOP qop;
4743
4734 /** 4744 /**
4735 * The length of the 'cnonce' parameter value, including possible 4745 * The length of the 'cnonce' parameter value, including possible
4736 * backslash-escape characters. 4746 * backslash-escape characters.
@@ -4740,6 +4750,7 @@ struct MHD_DigestAuthInfo
4740 * characters long. 4750 * characters long.
4741 */ 4751 */
4742 size_t cnonce_len; 4752 size_t cnonce_len;
4753
4743 /** 4754 /**
4744 * The nc parameter value. 4755 * The nc parameter value.
4745 * Can be used by application to limit the number of nonce re-uses. If @ nc 4756 * Can be used by application to limit the number of nonce re-uses. If @ nc
@@ -4773,7 +4784,7 @@ MHD_digest_auth_get_request_info3 (struct MHD_Connection *connection);
4773 * 4784 *
4774 * Application may modify buffers as needed until #MHD_free() is called for 4785 * Application may modify buffers as needed until #MHD_free() is called for
4775 * pointer to this structure 4786 * pointer to this structure
4776 * @note Available since #MHD_VERSION 0x00097519 4787 * @note Available since #MHD_VERSION 0x00097525
4777 */ 4788 */
4778struct MHD_DigestAuthUsernameInfo 4789struct MHD_DigestAuthUsernameInfo
4779{ 4790{
@@ -4783,6 +4794,7 @@ struct MHD_DigestAuthUsernameInfo
4783 * instead NULL is returned by #MHD_digest_auth_get_username3(). 4794 * instead NULL is returned by #MHD_digest_auth_get_username3().
4784 */ 4795 */
4785 enum MHD_DigestAuthUsernameType uname_type; 4796 enum MHD_DigestAuthUsernameType uname_type;
4797
4786 /** 4798 /**
4787 * The username string. 4799 * The username string.
4788 * Valid only if username is standard, extended, or userhash. 4800 * Valid only if username is standard, extended, or userhash.
@@ -4794,22 +4806,23 @@ struct MHD_DigestAuthUsernameInfo
4794 * This can be NULL is username is missing or invalid. 4806 * This can be NULL is username is missing or invalid.
4795 */ 4807 */
4796 char *username; 4808 char *username;
4809
4797 /** 4810 /**
4798 * The length of the @a username. 4811 * The length of the @a username.
4799 * When the @a username is NULL, this member is always zero. 4812 * When the @a username is NULL, this member is always zero.
4800 */ 4813 */
4801 size_t username_len; 4814 size_t username_len;
4815
4802 /** 4816 /**
4803 * The userhash decoded to binary form. 4817 * The userhash decoded to binary form.
4804 * Used only if username type is userhash, always NULL if not used. 4818 * When not NULL, this points to binary sequence @a username_len /2 bytes
4805 * @warning this is a binary data, no zero termination 4819 * long.
4820 * @warning This is binary data, no zero termination.
4821 * @warning To avoid buffer overruns, always check the size of the data before
4822 * use, because @ userhash_bin can point even to zero-sized
4823 * data.
4806 */ 4824 */
4807 uint8_t *userhash_bin; 4825 uint8_t *userhash_bin;
4808 /**
4809 * The number of bytes pointed by the @a userhash_bin.
4810 * When the @a userhash_bin is NULL, this member is always zero.
4811 */
4812 size_t userhash_bin_size;
4813}; 4826};
4814 4827
4815/** 4828/**
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c
index b1add8fc..b6a22785 100644
--- a/src/microhttpd/digestauth.c
+++ b/src/microhttpd/digestauth.c
@@ -881,20 +881,23 @@ get_rq_uname (const struct MHD_RqDAuth *params,
881 buf_used += uname_info->username_len + 1; 881 buf_used += uname_info->username_len + 1;
882 if (MHD_DIGEST_AUTH_UNAME_TYPE_USERHASH == uname_type) 882 if (MHD_DIGEST_AUTH_UNAME_TYPE_USERHASH == uname_type)
883 { 883 {
884 uname_info->userhash_bin_size = MHD_hex_to_bin (uname_info->username, 884 size_t res;
885 uname_info->username_len, 885 uint8_t *const bin_data = (uint8_t *) (buf + buf_used);
886 buf + buf_used); 886 res = MHD_hex_to_bin (uname_info->username,
887 if ( (0 == uname_info->userhash_bin_size) && 887 uname_info->username_len,
888 (0 != uname_info->username_len) ) 888 bin_data);
889 if (res != uname_info->username_len / 2)
889 { 890 {
890 uname_info->userhash_bin = NULL; 891 uname_info->userhash_bin = NULL;
891 uname_info->uname_type = MHD_DIGEST_AUTH_UNAME_TYPE_INVALID; 892 uname_info->uname_type = MHD_DIGEST_AUTH_UNAME_TYPE_INVALID;
892 } 893 }
893 else 894 else
894 { 895 {
895 uname_info->userhash_bin = (uint8_t *) (buf + buf_used); 896 /* Avoid pointers outside allocated region when the size is zero */
897 uname_info->userhash_bin = (0 != res) ?
898 bin_data : (uint8_t *) uname_info->username;
896 uname_info->uname_type = MHD_DIGEST_AUTH_UNAME_TYPE_USERHASH; 899 uname_info->uname_type = MHD_DIGEST_AUTH_UNAME_TYPE_USERHASH;
897 buf_used += uname_info->userhash_bin_size; 900 buf_used += res;
898 } 901 }
899 } 902 }
900 else 903 else
@@ -1093,7 +1096,6 @@ MHD_digest_auth_get_request_info3 (struct MHD_Connection *connection)
1093 info->username = uname_strct.username; 1096 info->username = uname_strct.username;
1094 info->username_len = uname_strct.username_len; 1097 info->username_len = uname_strct.username_len;
1095 info->userhash_bin = uname_strct.userhash_bin; 1098 info->userhash_bin = uname_strct.userhash_bin;
1096 info->userhash_bin_size = uname_strct.userhash_bin_size;
1097 } 1099 }
1098 else 1100 else
1099 info->uname_type = uname_type; 1101 info->uname_type = uname_type;
diff --git a/src/testcurl/test_digestauth_emu_ext.c b/src/testcurl/test_digestauth_emu_ext.c
index 2cd2519f..f4a0b9e8 100644
--- a/src/testcurl/test_digestauth_emu_ext.c
+++ b/src/testcurl/test_digestauth_emu_ext.c
@@ -383,8 +383,6 @@ ahc_echo (void *cls,
383 } 383 }
384 else if (NULL != creds->userhash_bin) 384 else if (NULL != creds->userhash_bin)
385 mhdErrorExitDesc ("'userhash_bin' is NOT NULL"); 385 mhdErrorExitDesc ("'userhash_bin' is NOT NULL");
386 else if (0 != creds->userhash_bin_size)
387 mhdErrorExitDesc ("'userhash_bin_size' is NOT zero");
388 MHD_free (creds); 386 MHD_free (creds);
389 387
390 dinfo = MHD_digest_auth_get_request_info3 (connection); 388 dinfo = MHD_digest_auth_get_request_info3 (connection);
@@ -419,8 +417,6 @@ ahc_echo (void *cls,
419 } 417 }
420 else if (NULL != dinfo->userhash_bin) 418 else if (NULL != dinfo->userhash_bin)
421 mhdErrorExitDesc ("'userhash_bin' is NOT NULL"); 419 mhdErrorExitDesc ("'userhash_bin' is NOT NULL");
422 else if (0 != dinfo->userhash_bin_size)
423 mhdErrorExitDesc ("'userhash_bin_size' is NOT zero");
424 else if (MHD_DIGEST_AUTH_ALGO3_MD5 != dinfo->algo) 420 else if (MHD_DIGEST_AUTH_ALGO3_MD5 != dinfo->algo)
425 { 421 {
426 fprintf (stderr, "Unexpected 'algo'.\n" 422 fprintf (stderr, "Unexpected 'algo'.\n"