[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[libmicrohttpd] SEGFAULT in digest_calc_ha1_from_user()
From: |
Tim Rühsen |
Subject: |
[libmicrohttpd] SEGFAULT in digest_calc_ha1_from_user() |
Date: |
Sun, 14 Apr 2019 21:08:22 +0200 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.6.1 |
Hi,
in digestauth.c, L296 you'll find an unconditional strlen(password).
The function is called via digest_auth_check_all() from
MHD_digest_auth_check_digest2() with a NULL 'password'.
I am not sure what your favorite place is for a fix, so I'll just report
and leave it to you.
Regards, Tim
signature.asc
Description: OpenPGP digital signature
- [libmicrohttpd] SEGFAULT in digest_calc_ha1_from_user(),
Tim Rühsen <=