curl-library
[PATCH curl 1/6] sasl: allow arbitrarily long username and password
From: Jonathan Nieder <jrnieder_at_gmail.com>
Date: Mon, 19 Aug 2013 00:36:53 -0700
Date: Mon, 19 Aug 2013 00:36:53 -0700
Use appropriately sized buffers on the heap instead of fixed-size
buffers on the stack, to allow for longer usernames and passwords.
Callers never pass anything longer than MAX_CURL_USER_LENGTH (resp.
MAX_CURL_PASSWORD_LENGTH), so no functional change inteded yet.
---
lib/curl_sasl.c | 42 ++++++++++++++++++++++++++++--------------
1 file changed, 28 insertions(+), 14 deletions(-)
diff --git a/lib/curl_sasl.c b/lib/curl_sasl.c
index fcb00194..e62d3323 100644
--- a/lib/curl_sasl.c
+++ b/lib/curl_sasl.c
@@ -94,18 +94,18 @@ CURLcode Curl_sasl_create_plain_message(struct SessionHandle *data,
const char *passwdp,
char **outptr, size_t *outlen)
{
- char plainauth[2 * MAX_CURL_USER_LENGTH + MAX_CURL_PASSWORD_LENGTH];
+ CURLcode result;
+ char *plainauth;
size_t ulen;
size_t plen;
ulen = strlen(userp);
plen = strlen(passwdp);
- if(2 * ulen + plen + 2 > sizeof(plainauth)) {
+ plainauth = malloc(2 * ulen + plen + 2);
+ if(!plainauth) {
*outlen = 0;
*outptr = NULL;
-
- /* Plainauth too small */
return CURLE_OUT_OF_MEMORY;
}
@@ -117,8 +117,10 @@ CURLcode Curl_sasl_create_plain_message(struct SessionHandle *data,
memcpy(plainauth + 2 * ulen + 2, passwdp, plen);
/* Base64 encode the reply */
- return Curl_base64_encode(data, plainauth, 2 * ulen + plen + 2, outptr,
- outlen);
+ result = Curl_base64_encode(data, plainauth, 2 * ulen + plen + 2, outptr,
+ outlen);
+ free(plainauth);
+ return result;
}
/*
@@ -190,14 +192,22 @@ CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data,
size_t chlglen = 0;
HMAC_context *ctxt;
unsigned char digest[MD5_DIGEST_LEN];
- char response[MAX_CURL_USER_LENGTH + 2 * MD5_DIGEST_LEN + 1];
+ char *response = NULL;
+ size_t responselen;
+
+ responselen = strlen(userp) + 2 * MD5_DIGEST_LEN + 2;
+ response = malloc(responselen);
+ if(!response) {
+ result = CURLE_OUT_OF_MEMORY;
+ goto out;
+ }
/* Decode the challenge if necessary */
if(chlg64len && *chlg64 != '=') {
result = Curl_base64_decode(chlg64, &chlg, &chlglen);
if(result)
- return result;
+ goto out;
}
/* Compute the digest using the password as the key */
@@ -206,28 +216,32 @@ CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data,
curlx_uztoui(strlen(passwdp)));
if(!ctxt) {
- Curl_safefree(chlg);
- return CURLE_OUT_OF_MEMORY;
+ result = CURLE_OUT_OF_MEMORY;
+ goto out;
}
/* Update the digest with the given challenge */
if(chlglen > 0)
Curl_HMAC_update(ctxt, chlg, curlx_uztoui(chlglen));
- Curl_safefree(chlg);
-
/* Finalise the digest */
Curl_HMAC_final(ctxt, digest);
/* Prepare the response */
- snprintf(response, sizeof(response),
+ snprintf(response, responselen,
"%s %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
userp, digest[0], digest[1], digest[2], digest[3], digest[4],
digest[5], digest[6], digest[7], digest[8], digest[9], digest[10],
digest[11], digest[12], digest[13], digest[14], digest[15]);
/* Base64 encode the reply */
- return Curl_base64_encode(data, response, 0, outptr, outlen);
+ result = Curl_base64_encode(data, response, 0, outptr, outlen);
+
+ out:
+
+ free(chlg);
+ free(response);
+ return result;
}
/*
--
1.8.4.rc3
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2013-08-19