cURL / Mailing Lists / curl-users / Single Mail

curl-users

http digest input parse fix

From: Joel Chen <jchen_at_interval.com>
Date: Fri, 30 Jul 2004 13:33:53 -0700

Curl_input_digest adds a hardcoded 3 to totlen assuming that there are
always quotes around the content.

 

Here is a patch to fix it.

 

--- http_digest.c 2004-07-30 13:09:00.005855500 -0700

+++ http_digest.new.c 2004-07-30 13:10:06.631708300 -0700

@@ -168,15 +168,19 @@

         else {

           /* unknown specifier, ignore it! */

         }

- totlen = strlen(value)+strlen(content)+3;

+ totlen = strlen(value)+strlen(content)+1; /* 1 for '= */

       }

       else

         break; /* we're done here */

 

       header += totlen;

+ while( *header && ',' != *header )

+ header ++;

       if(',' == *header)

         /* allow the list to be comma-separated */

         header++;

+ else

+ break;

     }

     /* We had a nonce since before, and we got another one now without

        'stale=true'. This means we provided bad credentials in the
previou

 

 

 
Received on 2004-07-30