httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From traw...@apache.org
Subject svn commit: r999717 - in /httpd/httpd/branches/2.2.x: STATUS support/htdigest.c
Date Wed, 22 Sep 2010 01:35:42 GMT
Author: trawick
Date: Wed Sep 22 01:35:42 2010
New Revision: 999717

URL: http://svn.apache.org/viewvc?rev=999717&view=rev
Log:
Backport trunk revs 826506, 826520, 826528, 987498

sync htdigest with trunk to fix overflows and pick up other minor tweaks

Reviewed by: poirier, rpluem

Modified:
    httpd/httpd/branches/2.2.x/STATUS
    httpd/httpd/branches/2.2.x/support/htdigest.c

Modified: httpd/httpd/branches/2.2.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/STATUS?rev=999717&r1=999716&r2=999717&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/STATUS (original)
+++ httpd/httpd/branches/2.2.x/STATUS Wed Sep 22 01:35:42 2010
@@ -87,13 +87,6 @@ RELEASE SHOWSTOPPERS:
 PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
   [ start all new proposals below, under PATCHES PROPOSED. ]
 
-  * sync htdigest with trunk to fix overflows and pick up other minor tweaks
-    Trunk patches: http://svn.apache.org/viewvc?view=revision&revision=826506
-                   http://svn.apache.org/viewvc?view=revision&revision=826520
-                   http://svn.apache.org/viewvc?view=revision&revision=826528
-                   http://svn.apache.org/viewvc?view=revision&revision=987498
-   2.2.x patch: http://people.apache.org/~trawick/htdigest-sync.txt
-   +1: trawick, poirier, rpluem
 
 PATCHES PROPOSED TO BACKPORT FROM TRUNK:
   [ New proposals should be added at the end of the list ]

Modified: httpd/httpd/branches/2.2.x/support/htdigest.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/support/htdigest.c?rev=999717&r1=999716&r2=999717&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/support/htdigest.c (original)
+++ httpd/httpd/branches/2.2.x/support/htdigest.c Wed Sep 22 01:35:42 2010
@@ -124,7 +124,7 @@ static void add_password(const char *use
     char *pw;
     apr_md5_ctx_t context;
     unsigned char digest[16];
-    char string[MAX_STRING_LEN];
+    char string[3 * MAX_STRING_LEN]; /* this includes room for 2 * ':' + '\0' */
     char pwin[MAX_STRING_LEN];
     char pwv[MAX_STRING_LEN];
     unsigned int i;
@@ -144,7 +144,7 @@ static void add_password(const char *use
     apr_file_printf(f, "%s:%s:", user, realm);
 
     /* Do MD5 stuff */
-    sprintf(string, "%s:%s:%s", user, realm, pw);
+    apr_snprintf(string, sizeof(string), "%s:%s:%s", user, realm, pw);
 
     apr_md5_init(&context);
 #if APR_CHARSET_EBCDIC
@@ -188,8 +188,8 @@ int main(int argc, const char * const ar
     char *dirname;
     char user[MAX_STRING_LEN];
     char realm[MAX_STRING_LEN];
-    char line[MAX_STRING_LEN];
-    char l[MAX_STRING_LEN];
+    char line[3 * MAX_STRING_LEN];
+    char l[3 * MAX_STRING_LEN];
     char w[MAX_STRING_LEN];
     char x[MAX_STRING_LEN];
     int found;
@@ -222,9 +222,11 @@ int main(int argc, const char * const ar
                     apr_strerror(rv, errmsg, sizeof errmsg));
             exit(1);
         }
+        apr_cpystrn(user, argv[4], sizeof(user));
+        apr_cpystrn(realm, argv[3], sizeof(realm));
         apr_file_printf(errfile, "Adding password for %s in realm %s.\n",
-                    argv[4], argv[3]);
-        add_password(argv[4], argv[3], f);
+                    user, realm);
+        add_password(user, realm, f);
         apr_file_close(f);
         exit(0);
     }
@@ -253,7 +255,7 @@ int main(int argc, const char * const ar
     apr_cpystrn(realm, argv[2], sizeof(realm));
 
     found = 0;
-    while (!(get_line(line, MAX_STRING_LEN, f))) {
+    while (!(get_line(line, sizeof(line), f))) {
         if (found || (line[0] == '#') || (!line[0])) {
             putline(tfp, line);
             continue;



Mime
View raw message