cURL / Mailing Lists / curl-users / Single Mail

curl-users

Re: http digest input parse fix

From: Daniel Stenberg <daniel-curl_at_haxx.se>
Date: Sat, 31 Jul 2004 09:23:46 +0200 (CEST)

On Fri, 30 Jul 2004, Joel Chen wrote:

> Curl_input_digest adds a hardcoded 3 to totlen assuming that there are
> always quotes around the content.
>
> Here is a patch to fix it.

Thanks!

Okay, I can see how you've found a bug. But I fail to see how this patch cures
the flaw. You just revert the assumption to always assume no quotes instead,
which isn't a good fix.

> + while( *header && ',' != *header )
> + header ++;

... and scanning for the comma will not be a good idea if the last character
within the content is a comma.

I think a better fix adds the proper length. 3 if the content is within
quotes, and 1 if no quotes were used.

-- 
      Daniel Stenberg -- http://curl.haxx.se -- http://daniel.haxx.se
       Dedicated custom curl help for hire: http://haxx.se/curl.html
Received on 2004-07-31