moparisthebest
/
curl
mirror of https://github.com/moparisthebest/curl
1
0
Fork 0
Code Issues Releases Wiki Activity

A bug report on the curl-library list showed a HTTP Digest session going on 

with a 700+ letter nonce. Previously libcurl only support 127 letter ones
and now I bumped it to 1023.
This commit is contained in:
Daniel Stenberg 2007-11-29 22:14:48 +00:00
parent f75ba55b51
commit 45a2240ead
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
lib/http_digest.c
View File

@ -90,19 +90,19 @@ CURLdigest Curl_input_digest(struct connectdata *conn,
Curl_digest_cleanup_one(d);
while(more) {
char value[32];
char content[128];
char value[256];
char content[1024];
size_t totlen=0;
while(*header && ISSPACE(*header))
header++;
/* how big can these strings be? */
if((2 == sscanf(header, "%31[^=]=\"%127[^\"]\"",
if((2 == sscanf(header, "%255[^=]=\"%1023[^\"]\"",
value, content)) ||
/* try the same scan but without quotes around the content but don't
include the possibly trailing comma, newline or carriage return */
(2 == sscanf(header, "%31[^=]=%127[^\r\n,]",
(2 == sscanf(header, "%255[^=]=%1023[^\r\n,]",
value, content)) ) {
if(strequal(value, "nonce")) {
d->nonce = strdup(content);