make checkers happier by reducing use of strcpy and strcat

author: Christian Grothoff <christian@grothoff.org> 2018-02-22 18:35:08 +0100
committer: Christian Grothoff <christian@grothoff.org> 2018-02-22 18:35:08 +0100
commit: f6c647f638a2f8da434daadf4fef8fb5d4e3124c (patch)
tree: eeadc9def8270f188530cf25a0aa042b19d2b08a /doc
parent: 786887049671035a05d63ed5eaca5c30083d2050 (diff)
download: libmicrohttpd-f6c647f638a2f8da434daadf4fef8fb5d4e3124c.tar.gz
libmicrohttpd-f6c647f638a2f8da434daadf4fef8fb5d4e3124c.zip
1 files changed, 29 insertions, 23 deletions
diff --git a/doc/examples/tlsauthentication.c b/doc/examples/tlsauthentication.c
index 293e5e65..4c512a3b 100644
--- a/doc/examples/tlsauthentication.c
+++ b/doc/examples/tlsauthentication.c
@@ -124,6 +124,7 @@ ask_for_authentication (struct MHD_Connection *connection, const char *realm)
  int ret;
  struct MHD_Response *response;
  char *headervalue;
+  size_t slen;
  const char *strbase = "Basic realm=";
  response = MHD_create_response_from_buffer (0, NULL,
@@ -131,37 +132,44 @@ ask_for_authentication (struct MHD_Connection *connection, const char *realm)
  if (!response)
    return MHD_NO;
-  headervalue = malloc (strlen (strbase) + strlen (realm) + 1);
+  slen = strlen (strbase) + strlen (realm) + 1;
-  if (!headervalue)
+  if (NULL == (headervalue = malloc (slen)))
    return MHD_NO;
+  snprintf (headervalue,
-  strcpy (headervalue, strbase);
+            slen,
-  strcat (headervalue, realm);
+            "%s%s",
+            strbase,
-  ret = MHD_add_response_header (response, "WWW-Authenticate", headervalue);
+            realm);
+  ret = MHD_add_response_header (response,
+                                 "WWW-Authenticate",
+                                 headervalue);
  free (headervalue);
-  if (!ret)
+  if (! ret)
    {
      MHD_destroy_response (response);
      return MHD_NO;
    }
-  ret = MHD_queue_response (connection, MHD_HTTP_UNAUTHORIZED, response);
+  ret = MHD_queue_response (connection,
+                            MHD_HTTP_UNAUTHORIZED,
+                            response);
  MHD_destroy_response (response);
  return ret;
 }
 static int
 is_authenticated (struct MHD_Connection *connection,
-                  const char *username, const char *password)
+                  const char *username,
+                  const char *password)
 {
  const char *headervalue;
-  char *expected_b64, *expected;
+  char *expected_b64;
+  char *expected;
  const char *strbase = "Basic ";
  int authenticated;
+  size_t slen;
+  
  headervalue =
    MHD_lookup_connection_value (connection, MHD_HEADER_KIND,
                                 "Authorization");
@@ -170,14 +178,14 @@ is_authenticated (struct MHD_Connection *connection,
  if (0 != strncmp (headervalue, strbase, strlen (strbase)))
    return 0;
-  expected = malloc (strlen (username) + 1 + strlen (password) + 1);
+  slen = strlen (username) + 1 + strlen (password) + 1;
-  if (NULL == expected)
+  if (NULL == (expected = malloc (slen)))
    return 0;
+  snprintf (expected,
-  strcpy (expected, username);
+            slen,
-  strcat (expected, ":");
+            "%s:%s",
-  strcat (expected, password);
+            username,
+            password);
  expected_b64 = string_to_base64 (expected);
  free (expected);
  if (NULL == expected_b64)
@@ -185,9 +193,7 @@ is_authenticated (struct MHD_Connection *connection,
  authenticated =
    (strcmp (headervalue + strlen (strbase), expected_b64) == 0);
  free (expected_b64);
  return authenticated;
 }
author	Christian Grothoff <christian@grothoff.org>	2018-02-22 18:35:08 +0100
committer	Christian Grothoff <christian@grothoff.org>	2018-02-22 18:35:08 +0100
commit	f6c647f638a2f8da434daadf4fef8fb5d4e3124c (patch)
tree	eeadc9def8270f188530cf25a0aa042b19d2b08a /doc
parent	786887049671035a05d63ed5eaca5c30083d2050 (diff)
download	libmicrohttpd-f6c647f638a2f8da434daadf4fef8fb5d4e3124c.tar.gz libmicrohttpd-f6c647f638a2f8da434daadf4fef8fb5d4e3124c.zip

diff --git a/doc/examples/tlsauthentication.c b/doc/examples/tlsauthentication.c index 293e5e65..4c512a3b 100644 --- a/doc/examples/tlsauthentication.c +++ b/doc/examples/tlsauthentication.c
@@ -124,6 +124,7 @@ ask_for_authentication (struct MHD_Connection connection, const char realm)
124	int ret;	124	int ret;
125	struct MHD_Response *response;	125	struct MHD_Response *response;
126	char *headervalue;	126	char *headervalue;
		127	size_t slen;
127	const char *strbase = "Basic realm=";	128	const char *strbase = "Basic realm=";
128		129
129	response = MHD_create_response_from_buffer (0, NULL,	130	response = MHD_create_response_from_buffer (0, NULL,
@@ -131,37 +132,44 @@ ask_for_authentication (struct MHD_Connection connection, const char realm)
131	if (!response)	132	if (!response)
132	return MHD_NO;	133	return MHD_NO;
133		134
134	headervalue = malloc (strlen (strbase) + strlen (realm) + 1);	135	slen = strlen (strbase) + strlen (realm) + 1;
135	if (!headervalue)	136	if (NULL == (headervalue = malloc (slen)))
136	return MHD_NO;	137	return MHD_NO;
137		138	snprintf (headervalue,
138	strcpy (headervalue, strbase);	139	slen,
139	strcat (headervalue, realm);	140	"%s%s",
140		141	strbase,
141	ret = MHD_add_response_header (response, "WWW-Authenticate", headervalue);	142	realm);
		143	ret = MHD_add_response_header (response,
		144	"WWW-Authenticate",
		145	headervalue);
142	free (headervalue);	146	free (headervalue);
143	if (!ret)	147	if (! ret)
144	{	148	{
145	MHD_destroy_response (response);	149	MHD_destroy_response (response);
146	return MHD_NO;	150	return MHD_NO;
147	}	151	}
148		152
149	ret = MHD_queue_response (connection, MHD_HTTP_UNAUTHORIZED, response);	153	ret = MHD_queue_response (connection,
150		154	MHD_HTTP_UNAUTHORIZED,
		155	response);
151	MHD_destroy_response (response);	156	MHD_destroy_response (response);
152
153	return ret;	157	return ret;
154	}	158	}
155		159
		160
156	static int	161	static int
157	is_authenticated (struct MHD_Connection *connection,	162	is_authenticated (struct MHD_Connection *connection,
158	const char username, const char password)	163	const char *username,
		164	const char *password)
159	{	165	{
160	const char *headervalue;	166	const char *headervalue;
161	char expected_b64, expected;	167	char *expected_b64;
		168	char *expected;
162	const char *strbase = "Basic ";	169	const char *strbase = "Basic ";
163	int authenticated;	170	int authenticated;
164		171	size_t slen;
		172
165	headervalue =	173	headervalue =
166	MHD_lookup_connection_value (connection, MHD_HEADER_KIND,	174	MHD_lookup_connection_value (connection, MHD_HEADER_KIND,
167	"Authorization");	175	"Authorization");
@@ -170,14 +178,14 @@ is_authenticated (struct MHD_Connection *connection,
170	if (0 != strncmp (headervalue, strbase, strlen (strbase)))	178	if (0 != strncmp (headervalue, strbase, strlen (strbase)))
171	return 0;	179	return 0;
172		180
173	expected = malloc (strlen (username) + 1 + strlen (password) + 1);	181	slen = strlen (username) + 1 + strlen (password) + 1;
174	if (NULL == expected)	182	if (NULL == (expected = malloc (slen)))
175	return 0;	183	return 0;
176		184	snprintf (expected,
177	strcpy (expected, username);	185	slen,
178	strcat (expected, ":");	186	"%s:%s",
179	strcat (expected, password);	187	username,
180		188	password);
181	expected_b64 = string_to_base64 (expected);	189	expected_b64 = string_to_base64 (expected);
182	free (expected);	190	free (expected);
183	if (NULL == expected_b64)	191	if (NULL == expected_b64)
@@ -185,9 +193,7 @@ is_authenticated (struct MHD_Connection *connection,
185		193
186	authenticated =	194	authenticated =
187	(strcmp (headervalue + strlen (strbase), expected_b64) == 0);	195	(strcmp (headervalue + strlen (strbase), expected_b64) == 0);
188
189	free (expected_b64);	196	free (expected_b64);
190
191	return authenticated;	197	return authenticated;
192	}	198	}
193		199