From 2b9333c4b1e3dffbd078cb4a747cc4254f3aa78f Mon Sep 17 00:00:00 2001 From: Peter Lemenkov <lemenkov@gmail.com> Date: Fri, 29 Jan 2010 19:16:18 +0300 Subject: [PATCH 3/3] Initial fix for RHBZ #559620. Signed-off-by: Peter Lemenkov <lemenkov@gmail.com> --- auth.c | 13 +++++++++---- 1 files changed, 9 insertions(+), 4 deletions(-) diff --git a/auth.c b/auth.c index 3e96037..6283d50 100644 --- a/auth.c +++ b/auth.c @@ -223,6 +223,7 @@ int createAuthHeaderMD5(char * user, char * password, int password_len, char * m static unsigned int mync = 1; int has_opaque = 0; MD5_CTX Md5Ctx; + char tmpbuf[2048]; // Extract the Auth Type - If not present, using 'none' cnonce[0] = '\0'; @@ -254,7 +255,8 @@ int createAuthHeaderMD5(char * user, char * password, int password_len, char * m sprintf(result, "Digest username=\"%s\",realm=\"%s\"",user,tmp); if (cnonce[0] != '\0') { - sprintf(result, "%s,cnonce=\"%s\",nc=%s,qop=%s",result,cnonce,nc,authtype); + snprintf(tmpbuf, 2048, "%s,cnonce=\"%s\",nc=%s,qop=%s",result,cnonce,nc,authtype); + strcpy(result,tmpbuf); } // Construct the URI @@ -284,7 +286,8 @@ int createAuthHeaderMD5(char * user, char * password, int password_len, char * m MD5_Final(ha2, &Md5Ctx); hashToHex(&ha2[0], &ha2_hex[0]); - sprintf(result, "%s,uri=\"%s\"",result,tmp); + snprintf(tmpbuf, 2048, "%s,uri=\"%s\"",result,tmp); + strcpy(result,tmpbuf); // Extract the Nonce if (!getAuthParameter("nonce", auth, tmp, sizeof(tmp))) { @@ -309,10 +312,12 @@ int createAuthHeaderMD5(char * user, char * password, int password_len, char * m MD5_Final(resp, &Md5Ctx); hashToHex(&resp[0], &resp_hex[0]); - sprintf(result, "%s,nonce=\"%s\",response=\"%s\",algorithm=%s",result,tmp,resp_hex,algo); + snprintf(tmpbuf, 2048, "%s,nonce=\"%s\",response=\"%s\",algorithm=%s",result,tmp,resp_hex,algo); + strcpy(result,tmpbuf); if (has_opaque) { - sprintf(result, "%s,opaque=\"%s\"",result,opaque); + snprintf(tmpbuf, 2048, "%s,opaque=\"%s\"",result,opaque); + strcpy(result,tmpbuf); } return 1; -- 1.6.2.5