[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnurl] 53/254: http: use private user:password output buff
|
From: |
gnunet |
|
Subject: |
[GNUnet-SVN] [gnurl] 53/254: http: use private user:password output buffer |
|
Date: |
Sat, 17 Jun 2017 16:51:25 +0200 |
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to annotated tag gnurl-7.54.1
in repository gnurl.
commit 94460878cc634b590a7282e3fe60ceafb62d141a
Author: Daniel Stenberg <address@hidden>
AuthorDate: Mon Apr 24 15:33:57 2017 +0200
http: use private user:password output buffer
Don't clobber the receive buffer.
---
lib/http.c | 28 +++++++++++++++++-----------
1 file changed, 17 insertions(+), 11 deletions(-)
diff --git a/lib/http.c b/lib/http.c
index 22d454709..04bcbae0d 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -285,6 +285,7 @@ static CURLcode http_output_basic(struct connectdata *conn,
bool proxy)
const char *user;
const char *pwd;
CURLcode result;
+ char *out;
if(proxy) {
userp = &conn->allocptr.proxyuserpwd;
@@ -297,27 +298,32 @@ static CURLcode http_output_basic(struct connectdata
*conn, bool proxy)
pwd = conn->passwd;
}
- snprintf(data->state.buffer, CURL_BUFSIZE(data->set.buffer_size),
- "%s:%s", user, pwd);
+ out = aprintf("%s:%s", user, pwd);
+ if(!out)
+ return CURLE_OUT_OF_MEMORY;
- result = Curl_base64_encode(data,
- data->state.buffer, strlen(data->state.buffer),
- &authorization, &size);
+ result = Curl_base64_encode(data, out, strlen(out), &authorization, &size);
if(result)
- return result;
+ goto fail;
- if(!authorization)
- return CURLE_REMOTE_ACCESS_DENIED;
+ if(!authorization) {
+ result = CURLE_REMOTE_ACCESS_DENIED;
+ goto fail;
+ }
free(*userp);
*userp = aprintf("%sAuthorization: Basic %s\r\n",
proxy ? "Proxy-" : "",
authorization);
free(authorization);
- if(!*userp)
- return CURLE_OUT_OF_MEMORY;
+ if(!*userp) {
+ result = CURLE_OUT_OF_MEMORY;
+ goto fail;
+ }
- return CURLE_OK;
+ fail:
+ free(out);
+ return result;
}
/* pickoneauth() selects the most favourable authentication method from the
--
To stop receiving notification emails like this one, please contact
address@hidden
- [GNUnet-SVN] [gnurl] 20/254: configure: stop prepending to LDFLAGS, CPPFLAGS, (continued)
- [GNUnet-SVN] [gnurl] 20/254: configure: stop prepending to LDFLAGS, CPPFLAGS, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 10/254: lib: fix maybe-uninitialized warnings, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 14/254: configure: fix the -ldl check for openssl, add -lpthread check, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 17/254: nss: adapt to the new Curl_llist API, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 35/254: test1443: test --remote-time, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 12/254: schannel: Don't treat encrypted partial record as pending data, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 58/254: http: don't clobber the receive buffer for timecond, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 15/254: RELEASE-NOTES: synced with c68fed875, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 16/254: curl-compilers.m4: accept -Og and -Ofast GCC flags, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 19/254: if2ip: fix -Wcast-align warning, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 53/254: http: use private user:password output buffer,
gnunet <=
- [GNUnet-SVN] [gnurl] 07/254: typecheck-gcc: handle function pointers properly, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 23/254: typecheck-gcc: fix _curl_is_slist_info, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 24/254: nss: do not leak PKCS #11 slot while loading a key, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 09/254: gnutls: removed some code when --disable-verbose is configured, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 69/254: openssl: use local stack for temp storage, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 78/254: abstract-unix-socket.d: shorten the help text to fit within 79 cols, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 18/254: Makefile: avoid use of GNU-specific form of $<, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 33/254: cookie_interface.c: changed the other domain to example.com too, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 26/254: nss: load libnssckbi.so if no other trust is specified, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 29/254: http-proxy: remove unused argument from Curl_proxyCONNECT(), gnunet, 2017/06/17