apr-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 45679] SHA1 passwords starting with {SHA} don't work and cause a minor buffer overrun
Date Mon, 25 Aug 2008 09:54:32 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=45679





--- Comment #2 from Ben Noordhuis <bnoordhuis@gmail.com>  2008-08-25 02:54:31 PST ---
> Does the above work for you?

Yes and no. It fixes the out-of-bounds reads but passwords starting with
'{SHA}' still don't work. I do believe the pointer bump needs to go - it is not
the .htpasswd hash you are chopping bits off, it is the plain-text password the
user entered.


-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@apr.apache.org
For additional commands, e-mail: bugs-help@apr.apache.org


Mime
View raw message