Changeset 4613 for pjproject/trunk/pjlib-util/src/pjlib-util/http_client.c
- Timestamp:
- Oct 8, 2013 9:08:13 AM (11 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
pjproject/trunk/pjlib-util/src/pjlib-util/http_client.c
r4537 r4613 1359 1359 if (chal->qop.slen == 0) { 1360 1360 const pj_str_t STR_MD5 = { "MD5", 3 }; 1361 int max_len; 1361 1362 1362 1363 /* Server doesn't require quality of protection. */ … … 1366 1367 &hreq->param.method); 1367 1368 1369 max_len = len; 1368 1370 len = pj_ansi_snprintf( 1369 phdr->value.ptr, len,1371 phdr->value.ptr, max_len, 1370 1372 "Digest username=\"%.*s\", " 1371 1373 "realm=\"%.*s\", " … … 1380 1382 STR_PREC(STR_MD5), 1381 1383 STR_PREC(digest_response)); 1382 if (len < 0 )1384 if (len < 0 || len >= max_len) 1383 1385 return PJ_ETOOSMALL; 1384 1386 phdr->value.slen = len; … … 1392 1394 const pj_str_t nc = pj_str("00000001"); 1393 1395 const pj_str_t cnonce = pj_str("b39971"); 1396 int max_len; 1394 1397 1395 1398 auth_create_digest_response(&digest_response, cred, … … 1397 1400 &hreq->hurl.path, &chal->realm, 1398 1401 &hreq->param.method); 1402 max_len = len; 1399 1403 len = pj_ansi_snprintf( 1400 phdr->value.ptr, len,1404 phdr->value.ptr, max_len, 1401 1405 "Digest username=\"%.*s\", " 1402 1406 "realm=\"%.*s\", " … … 1417 1421 STR_PREC(nc), 1418 1422 STR_PREC(cnonce)); 1419 if (len < 0 )1423 if (len < 0 || len >= max_len) 1420 1424 return PJ_ETOOSMALL; 1421 1425 phdr->value.slen = len;
Note: See TracChangeset
for help on using the changeset viewer.