Diffstat (limited to 'src/microhttpd/digestauth.c')
-rw-r--r-- | src/microhttpd/digestauth.c | 18 |
1 files changed, 10 insertions, 8 deletions
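--- a/src/microhttpd/digestauth.c
+++ b/src/microhttpd/digestauth.c
@@ -881,20 +881,23 @@ get_rq_uname (const struct MHD_RqDAuth *params,
 buf_used += uname_info->username_len + 1;
 if (MHD_DIGEST_AUTH_UNAME_TYPE_USERHASH == uname_type)
 {
-uname_info->userhash_bin_size = MHD_hex_to_bin (uname_info->username,
-uname_info->username_len,
-buf + buf_used);
-if ( (0 == uname_info->userhash_bin_size) &&
-(0 != uname_info->username_len) )
+size_t res;
+uint8_t *const bin_data = (uint8_t *) (buf + buf_used);
+res = MHD_hex_to_bin (uname_info->username,
+uname_info->username_len,
+bin_data);
+if (res != uname_info->username_len / 2)
 {
 uname_info->userhash_bin = NULL;
 uname_info->uname_type = MHD_DIGEST_AUTH_UNAME_TYPE_INVALID;
 }
 else
 {
-uname_info->userhash_bin = (uint8_t *) (buf + buf_used);
+/* Avoid pointers outside allocated region when the size is zero */
+uname_info->userhash_bin = (0 != res) ?
+bin_data : (uint8_t *) uname_info->username;
 uname_info->uname_type = MHD_DIGEST_AUTH_UNAME_TYPE_USERHASH;
-buf_used += uname_info->userhash_bin_size;
+buf_used += res;
 }
 }
 else
@@ -1093,7 +1096,6 @@ MHD_digest_auth_get_request_info3 (struct MHD_Connection *connection)
 info->username = uname_strct.username;
 info->username_len = uname_strct.username_len;
 info->userhash_bin = uname_strct.userhash_bin;
-info->userhash_bin_size = uname_strct.userhash_bin_size;
 }
 else
 info->uname_type = uname_type;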
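Review bot: In the first hunk's else branch a zero-length userhash (`res == 0`, which passes the new `res != uname_info->username_len / 2` check when the username is empty) is still reported as `MHD_DIGEST_AUTH_UNAME_TYPE_USERHASH`, with `userhash_bin` aliasing the username text rather than decoded bytes. Since the second hunk drops `userhash_bin_size`, the only length left to a consumer is `username_len / 2`, and the code does not say so; I would extend the comment to `/* userhash_bin holds username_len / 2 bytes; when that is zero it aliases username and must not be dereferenced */`. Consumers are not visible on this page, but a fixed-length compare run over zero bytes would match any stored hash, so it is worth confirming whether an empty userhash should be set to `MHD_DIGEST_AUTH_UNAME_TYPE_INVALID` instead. The body of get_rq_uname starts and ends outside the hunk.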