diff options
author | Steve Holme <steve_holme@hotmail.com> | 2013-04-20 08:51:16 +0100 |
---|---|---|
committer | Steve Holme <steve_holme@hotmail.com> | 2013-04-20 09:16:21 +0100 |
commit | ca8f17a303d6acb0badd15dd030b87664d576745 (patch) | |
tree | 2fddbd99a3c6c80627eb0c8d6212e6caffff453d | |
parent | fddb7b44a79d78e05043e1c97e069308b6b85f79 (diff) |
tool_paramhlp: Fixed options being included in username
Fix to prevent the options from being displayed when curl requests the
user's password if the following command line is specified:
--user username;options
-rw-r--r-- | src/tool_paramhlp.c | 20 |
1 files changed, 16 insertions, 4 deletions
diff --git a/src/tool_paramhlp.c b/src/tool_paramhlp.c index 5d6f8bbc5..97540d11b 100644 --- a/src/tool_paramhlp.c +++ b/src/tool_paramhlp.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -322,13 +322,19 @@ ParameterError str2offset(curl_off_t *val, const char *str) ParameterError checkpasswd(const char *kind, /* for what purpose */ char **userpwd) /* pointer to allocated string */ { - char *ptr; + char *psep; + char *osep; if(!*userpwd) return PARAM_OK; - ptr = strchr(*userpwd, ':'); - if(!ptr) { + /* Attempt to find the password separator */ + psep = strchr(*userpwd, ':'); + + /* Attempt to find the options separator */ + osep = strchr(*userpwd, ';'); + + if(!psep && **userpwd != ';') { /* no password present, prompt for one */ char passwd[256] = ""; char prompt[256]; @@ -336,6 +342,9 @@ ParameterError checkpasswd(const char *kind, /* for what purpose */ size_t userlen = strlen(*userpwd); char *passptr; + if(osep) + *osep = '\0'; + /* build a nice-looking prompt */ curlx_msnprintf(prompt, sizeof(prompt), "Enter %s password for user '%s':", @@ -345,6 +354,9 @@ ParameterError checkpasswd(const char *kind, /* for what purpose */ getpass_r(prompt, passwd, sizeof(passwd)); passwdlen = strlen(passwd); + if(osep) + *osep = ';'; + /* extend the allocated memory area to fit the password too */ passptr = realloc(*userpwd, passwdlen + 1 + /* an extra for the colon */ |