aboutsummaryrefslogtreecommitdiff
path: root/src/microhttpd/digestauth.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/microhttpd/digestauth.c')
-rw-r--r--src/microhttpd/digestauth.c9
1 files changed, 3 insertions, 6 deletions
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c
index ea7bc1c7..d4781406 100644
--- a/src/microhttpd/digestauth.c
+++ b/src/microhttpd/digestauth.c
@@ -668,7 +668,7 @@ MHD_digest_auth_check (struct MHD_Connection *connection,
668 (0 == lookup_sub_value (qop, sizeof (qop), header, "qop")) || 668 (0 == lookup_sub_value (qop, sizeof (qop), header, "qop")) ||
669 ( (0 != strcmp (qop, "auth")) && 669 ( (0 != strcmp (qop, "auth")) &&
670 (0 != strcmp (qop, "")) ) || 670 (0 != strcmp (qop, "")) ) ||
671 (0 == lookup_sub_value (nc, sizeof (nc), header, "nc")) || 671 (0 == (len = lookup_sub_value (nc, sizeof (nc), header, "nc")) ) ||
672 (0 == lookup_sub_value (response, sizeof (response), header, "response")) ) 672 (0 == lookup_sub_value (response, sizeof (response), header, "response")) )
673 { 673 {
674#ifdef HAVE_MESSAGES 674#ifdef HAVE_MESSAGES
@@ -677,14 +677,11 @@ MHD_digest_auth_check (struct MHD_Connection *connection,
677#endif 677#endif
678 return MHD_NO; 678 return MHD_NO;
679 } 679 }
680 nci = strtoul (nc, &end, 16); 680 if (len != MHD_strx_to_uint64_n_ (nc, len, &nci))
681 if ( ('\0' != *end) ||
682 ( (LONG_MAX == nci) &&
683 (ERANGE == errno) ) )
684 { 681 {
685#ifdef HAVE_MESSAGES 682#ifdef HAVE_MESSAGES
686 MHD_DLOG (connection->daemon, 683 MHD_DLOG (connection->daemon,
687 "Authentication failed, invalid format.\n"); 684 "Authentication failed, invalid nc format.\n");
688#endif 685#endif
689 return MHD_NO; /* invalid nonce format */ 686 return MHD_NO; /* invalid nonce format */
690 } 687 }