aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--lib/krb4.c10
-rw-r--r--lib/security.c14
2 files changed, 13 insertions, 11 deletions
diff --git a/lib/krb4.c b/lib/krb4.c
index 7b04828ab..e5ecabffa 100644
--- a/lib/krb4.c
+++ b/lib/krb4.c
@@ -200,7 +200,7 @@ krb4_auth(void *app_data, struct connectdata *conn)
int ret;
char *p;
unsigned char *ptr;
- int len;
+ size_t len;
KTEXT_ST adat;
MSG_DAT msg_data;
int checksum;
@@ -324,7 +324,7 @@ CURLcode Curl_krb_kauth(struct connectdata *conn)
char *name;
char *p;
char passwd[100];
- int tmp;
+ size_t tmp;
ssize_t nread;
int save;
CURLcode result;
@@ -355,11 +355,11 @@ CURLcode Curl_krb_kauth(struct connectdata *conn)
p += 2;
tmp = Curl_base64_decode(p, &ptr);
- if(len > sizeof(tkt.dat)-1) {
+ if(tmp >= sizeof(tkt.dat)) {
free(ptr);
- len=0;
+ tmp=0;
}
- if(!len || !ptr) {
+ if(!tmp || !ptr) {
Curl_failf(conn->data, "Failed to decode base64 in reply.\n");
Curl_set_command_prot(conn, save);
return CURLE_FTP_WEIRD_SERVER_REPLY;
diff --git a/lib/security.c b/lib/security.c
index 64c55b3ba..c1df26c05 100644
--- a/lib/security.c
+++ b/lib/security.c
@@ -297,13 +297,15 @@ int
Curl_sec_read_msg(struct connectdata *conn, char *s, int level)
{
int len;
- char *buf;
+ unsigned char *buf;
int code;
- buf = malloc(strlen(s));
- len = Curl_base64_decode(s + 4, buf); /* XXX */
+ len = Curl_base64_decode(s + 4, &buf); /* XXX */
+ if(len > 0)
+ len = (conn->mech->decode)(conn->app_data, buf, len, level, conn);
+ else
+ return -1;
- len = (conn->mech->decode)(conn->app_data, buf, len, level, conn);
if(len < 0) {
free(buf);
return -1;
@@ -314,10 +316,10 @@ Curl_sec_read_msg(struct connectdata *conn, char *s, int level)
if(buf[3] == '-')
code = 0;
else
- sscanf(buf, "%d", &code);
+ sscanf((char *)buf, "%d", &code);
if(buf[len-1] == '\n')
buf[len-1] = '\0';
- strcpy(s, buf);
+ strcpy(s, (char *)buf);
free(buf);
return code;
}