cURL / Mailing Lists / curl-library / Single Mail


Re: [PATCH 1/2] ntlm_wb: Fix hard-coded limit on NTLM auth packet size

From: Michael Osipov <>
Date: Fri, 11 Jul 2014 23:50:28 +0200

Am 2014-07-11 23:39, schrieb Steve Holme:
> On Fri, 11 Jul 2014, Michael Osipov wrote:
>>> However, I would be interested to hear other user's views on a
>>> hardcoded buffer size versus having to read the input and reallocate
>>> the buffer if it isn't long enough first.
>> If a static size is enough for most cases, this is fine but I do not think
>> that it makes sense to use something like char *buf = char[SIZE] and
>> then realizing at runtime that this is not enough and then resort to
>> malloc along with a memset. I like David's approach: char *buf =
>> malloc(SIZE) and then realloc if needed. Yes -- a malloc requires a
>> free but that should not be a problem.
>> WDYT?
> I have mixed feelings myself:
> * As we use NTLM_BUFSIZE for the native type 1 and type generation I would be tempted to use it for the Winbind implementation as well

Yes, why not. Unification means less maintenance.

> * If the buffer could be a larger amount - for example above 2k or even 4k then I would take David's approach
> * If I was to use David's approach I would probably recommend a larger "grow by" amount of either 512 bytes or even 1k (NTLM_BUFSIZE) to reduce the number of reallocs

Yes, why not increase. Do you have a rough estimate about the average
bytes needed? I would align to power of 2 and use malloc.


List admin:
Received on 2014-07-11