diff options
| author | Steve Holme <steve_holme@hotmail.com> | 2014-12-05 00:22:34 +0000 |
|---|---|---|
| committer | Steve Holme <steve_holme@hotmail.com> | 2014-12-05 00:22:34 +0000 |
| commit | ef5b98742fb7540b14d66ab63558d47d810f5353 (patch) | |
| tree | e423083f7bcf293c38de8cf065ad291e66c047e8 | |
| parent | 697592b3dd9b5e3338d74a4047caf260dacdb8dc (diff) | |
sasl_sspi: Don't use hard coded sizes in Kerberos V5 security data
Don't use a hard coded size of 4 for the security layer and buffer size
in Curl_sasl_create_gssapi_security_message(), instead, use sizeof() as
we have done in the sasl_gssapi module.
| -rw-r--r-- | lib/curl_sasl_sspi.c | 9 |
1 files changed, 4 insertions, 5 deletions
diff --git a/lib/curl_sasl_sspi.c b/lib/curl_sasl_sspi.c index 883a0ee68..c63b85dd7 100644 --- a/lib/curl_sasl_sspi.c +++ b/lib/curl_sasl_sspi.c @@ -1068,8 +1068,6 @@ CURLcode Curl_sasl_create_gssapi_security_message(struct SessionHandle *data, max_size = 0; } - outdata = htonl(max_size) | sec_layer; - /* Allocate the trailer */ trailer = malloc(sizes.cbSecurityTrailer); if(!trailer) @@ -1084,7 +1082,7 @@ CURLcode Curl_sasl_create_gssapi_security_message(struct SessionHandle *data, } /* Allocate our message */ - messagelen = 4 + strlen(user_name) + 1; + messagelen = sizeof(outdata) + strlen(user_name) + 1; message = malloc(messagelen); if(!message) { Curl_safefree(trailer); @@ -1098,8 +1096,9 @@ CURLcode Curl_sasl_create_gssapi_security_message(struct SessionHandle *data, terminator. Note: Dispite RFC4752 Section 3.1 stating "The authorization identity is not terminated with the zero-valued (%x00) octet." it seems necessary to include it. */ - memcpy(message, &outdata, 4); - strcpy((char *)message + 4, user_name); + outdata = htonl(max_size) | sec_layer; + memcpy(message, &outdata, sizeof(outdata)); + strcpy((char *) message + sizeof(outdata), user_name); Curl_unicodefree(user_name); /* Allocate the padding */ |