diff options
author | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2016-04-12 14:36:16 +0000 |
---|---|---|
committer | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2016-04-12 14:36:16 +0000 |
commit | 661a5ee03c1ff438edd46994653c8a5fa3cd075e (patch) | |
tree | a88e7341fdd2df0bb5d57cc0fc4b69a61004cdff | |
parent | 8632cd8c4bb87b5f120d2a518f9ad4807b83c93c (diff) | |
download | libmicrohttpd-661a5ee03c1ff438edd46994653c8a5fa3cd075e.tar.gz libmicrohttpd-661a5ee03c1ff438edd46994653c8a5fa3cd075e.zip |
MHD_digest_auth_check(): used internal function to decode nc, fixed incorrect check
(should be 'ULONG_MAX', not 'LONG_MAX'), new check is more strict.
Function should be more secure now.
-rw-r--r-- | src/microhttpd/digestauth.c | 9 |
1 files changed, 3 insertions, 6 deletions
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c index ea7bc1c7..d4781406 100644 --- a/src/microhttpd/digestauth.c +++ b/src/microhttpd/digestauth.c | |||
@@ -668,7 +668,7 @@ MHD_digest_auth_check (struct MHD_Connection *connection, | |||
668 | (0 == lookup_sub_value (qop, sizeof (qop), header, "qop")) || | 668 | (0 == lookup_sub_value (qop, sizeof (qop), header, "qop")) || |
669 | ( (0 != strcmp (qop, "auth")) && | 669 | ( (0 != strcmp (qop, "auth")) && |
670 | (0 != strcmp (qop, "")) ) || | 670 | (0 != strcmp (qop, "")) ) || |
671 | (0 == lookup_sub_value (nc, sizeof (nc), header, "nc")) || | 671 | (0 == (len = lookup_sub_value (nc, sizeof (nc), header, "nc")) ) || |
672 | (0 == lookup_sub_value (response, sizeof (response), header, "response")) ) | 672 | (0 == lookup_sub_value (response, sizeof (response), header, "response")) ) |
673 | { | 673 | { |
674 | #ifdef HAVE_MESSAGES | 674 | #ifdef HAVE_MESSAGES |
@@ -677,14 +677,11 @@ MHD_digest_auth_check (struct MHD_Connection *connection, | |||
677 | #endif | 677 | #endif |
678 | return MHD_NO; | 678 | return MHD_NO; |
679 | } | 679 | } |
680 | nci = strtoul (nc, &end, 16); | 680 | if (len != MHD_strx_to_uint64_n_ (nc, len, &nci)) |
681 | if ( ('\0' != *end) || | ||
682 | ( (LONG_MAX == nci) && | ||
683 | (ERANGE == errno) ) ) | ||
684 | { | 681 | { |
685 | #ifdef HAVE_MESSAGES | 682 | #ifdef HAVE_MESSAGES |
686 | MHD_DLOG (connection->daemon, | 683 | MHD_DLOG (connection->daemon, |
687 | "Authentication failed, invalid format.\n"); | 684 | "Authentication failed, invalid nc format.\n"); |
688 | #endif | 685 | #endif |
689 | return MHD_NO; /* invalid nonce format */ | 686 | return MHD_NO; /* invalid nonce format */ |
690 | } | 687 | } |