aboutsummaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorJonathan Nieder <jrnieder@gmail.com>2013-08-19 00:36:53 -0700
committerDaniel Stenberg <daniel@haxx.se>2013-08-20 11:16:38 +0200
commitc56f9797e7feb7c2dc93bc389d4b85cc75220d77 (patch)
tree6f89c8776442b7e73818d910fddf62bd7bb726b6 /lib
parent9281be36d5206f02336236a7c90020449109816e (diff)
sasl: allow arbitrarily long username and password
Use appropriately sized buffers on the heap instead of fixed-size buffers on the stack, to allow for longer usernames and passwords. Callers never pass anything longer than MAX_CURL_USER_LENGTH (resp. MAX_CURL_PASSWORD_LENGTH), so no functional change inteded yet.
Diffstat (limited to 'lib')
-rw-r--r--lib/curl_sasl.c25
1 files changed, 16 insertions, 9 deletions
diff --git a/lib/curl_sasl.c b/lib/curl_sasl.c
index fcb001948..924be4bbc 100644
--- a/lib/curl_sasl.c
+++ b/lib/curl_sasl.c
@@ -94,18 +94,18 @@ CURLcode Curl_sasl_create_plain_message(struct SessionHandle *data,
const char *passwdp,
char **outptr, size_t *outlen)
{
- char plainauth[2 * MAX_CURL_USER_LENGTH + MAX_CURL_PASSWORD_LENGTH];
+ CURLcode result;
+ char *plainauth;
size_t ulen;
size_t plen;
ulen = strlen(userp);
plen = strlen(passwdp);
- if(2 * ulen + plen + 2 > sizeof(plainauth)) {
+ plainauth = malloc(2 * ulen + plen + 2);
+ if(!plainauth) {
*outlen = 0;
*outptr = NULL;
-
- /* Plainauth too small */
return CURLE_OUT_OF_MEMORY;
}
@@ -117,8 +117,10 @@ CURLcode Curl_sasl_create_plain_message(struct SessionHandle *data,
memcpy(plainauth + 2 * ulen + 2, passwdp, plen);
/* Base64 encode the reply */
- return Curl_base64_encode(data, plainauth, 2 * ulen + plen + 2, outptr,
- outlen);
+ result = Curl_base64_encode(data, plainauth, 2 * ulen + plen + 2, outptr,
+ outlen);
+ Curl_safefree(plainauth);
+ return result;
}
/*
@@ -190,7 +192,7 @@ CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data,
size_t chlglen = 0;
HMAC_context *ctxt;
unsigned char digest[MD5_DIGEST_LEN];
- char response[MAX_CURL_USER_LENGTH + 2 * MD5_DIGEST_LEN + 1];
+ char *response;
/* Decode the challenge if necessary */
if(chlg64len && *chlg64 != '=') {
@@ -220,14 +222,19 @@ CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data,
Curl_HMAC_final(ctxt, digest);
/* Prepare the response */
- snprintf(response, sizeof(response),
+ response = aprintf(
"%s %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
userp, digest[0], digest[1], digest[2], digest[3], digest[4],
digest[5], digest[6], digest[7], digest[8], digest[9], digest[10],
digest[11], digest[12], digest[13], digest[14], digest[15]);
+ if(!response)
+ return CURLE_OUT_OF_MEMORY;
/* Base64 encode the reply */
- return Curl_base64_encode(data, response, 0, outptr, outlen);
+ result = Curl_base64_encode(data, response, 0, outptr, outlen);
+
+ Curl_safefree(response);
+ return result;
}
/*