diff options
author | Christian Grothoff <christian@grothoff.org> | 2018-02-22 18:35:08 +0100 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2018-02-22 18:35:08 +0100 |
commit | f6c647f638a2f8da434daadf4fef8fb5d4e3124c (patch) | |
tree | eeadc9def8270f188530cf25a0aa042b19d2b08a /doc | |
parent | 786887049671035a05d63ed5eaca5c30083d2050 (diff) | |
download | libmicrohttpd-f6c647f638a2f8da434daadf4fef8fb5d4e3124c.tar.gz libmicrohttpd-f6c647f638a2f8da434daadf4fef8fb5d4e3124c.zip |
make checkers happier by reducing use of strcpy and strcat
Diffstat (limited to 'doc')
-rw-r--r-- | doc/examples/tlsauthentication.c | 52 |
1 files changed, 29 insertions, 23 deletions
diff --git a/doc/examples/tlsauthentication.c b/doc/examples/tlsauthentication.c index 293e5e65..4c512a3b 100644 --- a/doc/examples/tlsauthentication.c +++ b/doc/examples/tlsauthentication.c | |||
@@ -124,6 +124,7 @@ ask_for_authentication (struct MHD_Connection *connection, const char *realm) | |||
124 | int ret; | 124 | int ret; |
125 | struct MHD_Response *response; | 125 | struct MHD_Response *response; |
126 | char *headervalue; | 126 | char *headervalue; |
127 | size_t slen; | ||
127 | const char *strbase = "Basic realm="; | 128 | const char *strbase = "Basic realm="; |
128 | 129 | ||
129 | response = MHD_create_response_from_buffer (0, NULL, | 130 | response = MHD_create_response_from_buffer (0, NULL, |
@@ -131,37 +132,44 @@ ask_for_authentication (struct MHD_Connection *connection, const char *realm) | |||
131 | if (!response) | 132 | if (!response) |
132 | return MHD_NO; | 133 | return MHD_NO; |
133 | 134 | ||
134 | headervalue = malloc (strlen (strbase) + strlen (realm) + 1); | 135 | slen = strlen (strbase) + strlen (realm) + 1; |
135 | if (!headervalue) | 136 | if (NULL == (headervalue = malloc (slen))) |
136 | return MHD_NO; | 137 | return MHD_NO; |
137 | 138 | snprintf (headervalue, | |
138 | strcpy (headervalue, strbase); | 139 | slen, |
139 | strcat (headervalue, realm); | 140 | "%s%s", |
140 | 141 | strbase, | |
141 | ret = MHD_add_response_header (response, "WWW-Authenticate", headervalue); | 142 | realm); |
143 | ret = MHD_add_response_header (response, | ||
144 | "WWW-Authenticate", | ||
145 | headervalue); | ||
142 | free (headervalue); | 146 | free (headervalue); |
143 | if (!ret) | 147 | if (! ret) |
144 | { | 148 | { |
145 | MHD_destroy_response (response); | 149 | MHD_destroy_response (response); |
146 | return MHD_NO; | 150 | return MHD_NO; |
147 | } | 151 | } |
148 | 152 | ||
149 | ret = MHD_queue_response (connection, MHD_HTTP_UNAUTHORIZED, response); | 153 | ret = MHD_queue_response (connection, |
150 | 154 | MHD_HTTP_UNAUTHORIZED, | |
155 | response); | ||
151 | MHD_destroy_response (response); | 156 | MHD_destroy_response (response); |
152 | |||
153 | return ret; | 157 | return ret; |
154 | } | 158 | } |
155 | 159 | ||
160 | |||
156 | static int | 161 | static int |
157 | is_authenticated (struct MHD_Connection *connection, | 162 | is_authenticated (struct MHD_Connection *connection, |
158 | const char *username, const char *password) | 163 | const char *username, |
164 | const char *password) | ||
159 | { | 165 | { |
160 | const char *headervalue; | 166 | const char *headervalue; |
161 | char *expected_b64, *expected; | 167 | char *expected_b64; |
168 | char *expected; | ||
162 | const char *strbase = "Basic "; | 169 | const char *strbase = "Basic "; |
163 | int authenticated; | 170 | int authenticated; |
164 | 171 | size_t slen; | |
172 | |||
165 | headervalue = | 173 | headervalue = |
166 | MHD_lookup_connection_value (connection, MHD_HEADER_KIND, | 174 | MHD_lookup_connection_value (connection, MHD_HEADER_KIND, |
167 | "Authorization"); | 175 | "Authorization"); |
@@ -170,14 +178,14 @@ is_authenticated (struct MHD_Connection *connection, | |||
170 | if (0 != strncmp (headervalue, strbase, strlen (strbase))) | 178 | if (0 != strncmp (headervalue, strbase, strlen (strbase))) |
171 | return 0; | 179 | return 0; |
172 | 180 | ||
173 | expected = malloc (strlen (username) + 1 + strlen (password) + 1); | 181 | slen = strlen (username) + 1 + strlen (password) + 1; |
174 | if (NULL == expected) | 182 | if (NULL == (expected = malloc (slen))) |
175 | return 0; | 183 | return 0; |
176 | 184 | snprintf (expected, | |
177 | strcpy (expected, username); | 185 | slen, |
178 | strcat (expected, ":"); | 186 | "%s:%s", |
179 | strcat (expected, password); | 187 | username, |
180 | 188 | password); | |
181 | expected_b64 = string_to_base64 (expected); | 189 | expected_b64 = string_to_base64 (expected); |
182 | free (expected); | 190 | free (expected); |
183 | if (NULL == expected_b64) | 191 | if (NULL == expected_b64) |
@@ -185,9 +193,7 @@ is_authenticated (struct MHD_Connection *connection, | |||
185 | 193 | ||
186 | authenticated = | 194 | authenticated = |
187 | (strcmp (headervalue + strlen (strbase), expected_b64) == 0); | 195 | (strcmp (headervalue + strlen (strbase), expected_b64) == 0); |
188 | |||
189 | free (expected_b64); | 196 | free (expected_b64); |
190 | |||
191 | return authenticated; | 197 | return authenticated; |
192 | } | 198 | } |
193 | 199 | ||