diff options
-rw-r--r-- | src/microhttpd/digestauth.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c index f461abd4..ea7bc1c7 100644 --- a/src/microhttpd/digestauth.c +++ b/src/microhttpd/digestauth.c | |||
@@ -619,7 +619,15 @@ MHD_digest_auth_check (struct MHD_Connection *connection, | |||
619 | header value. */ | 619 | header value. */ |
620 | return MHD_NO; | 620 | return MHD_NO; |
621 | } | 621 | } |
622 | nonce_time = strtoul (nonce + len - TIMESTAMP_HEX_LEN, (char **)NULL, 16); | 622 | if (TIMESTAMP_HEX_LEN != MHD_strx_to_uint32_n_ (nonce + len - TIMESTAMP_HEX_LEN, |
623 | TIMESTAMP_HEX_LEN, &nonce_time)) | ||
624 | { | ||
625 | #ifdef HAVE_MESSAGES | ||
626 | MHD_DLOG (connection->daemon, | ||
627 | "Authentication failed, invalid timestamp format.\n"); | ||
628 | #endif | ||
629 | return MHD_NO; | ||
630 | } | ||
623 | t = (uint32_t) MHD_monotonic_sec_counter(); | 631 | t = (uint32_t) MHD_monotonic_sec_counter(); |
624 | /* | 632 | /* |
625 | * First level vetting for the nonce validity: if the timestamp | 633 | * First level vetting for the nonce validity: if the timestamp |