mirror of
https://github.com/moparisthebest/curl
synced 2024-12-21 23:58:49 -05:00
http: use private user:password output buffer
Don't clobber the receive buffer.
This commit is contained in:
parent
35311b22b9
commit
94460878cc
28
lib/http.c
28
lib/http.c
@ -285,6 +285,7 @@ static CURLcode http_output_basic(struct connectdata *conn, bool proxy)
|
||||
const char *user;
|
||||
const char *pwd;
|
||||
CURLcode result;
|
||||
char *out;
|
||||
|
||||
if(proxy) {
|
||||
userp = &conn->allocptr.proxyuserpwd;
|
||||
@ -297,27 +298,32 @@ static CURLcode http_output_basic(struct connectdata *conn, bool proxy)
|
||||
pwd = conn->passwd;
|
||||
}
|
||||
|
||||
snprintf(data->state.buffer, CURL_BUFSIZE(data->set.buffer_size),
|
||||
"%s:%s", user, pwd);
|
||||
out = aprintf("%s:%s", user, pwd);
|
||||
if(!out)
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
|
||||
result = Curl_base64_encode(data,
|
||||
data->state.buffer, strlen(data->state.buffer),
|
||||
&authorization, &size);
|
||||
result = Curl_base64_encode(data, out, strlen(out), &authorization, &size);
|
||||
if(result)
|
||||
return result;
|
||||
goto fail;
|
||||
|
||||
if(!authorization)
|
||||
return CURLE_REMOTE_ACCESS_DENIED;
|
||||
if(!authorization) {
|
||||
result = CURLE_REMOTE_ACCESS_DENIED;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
free(*userp);
|
||||
*userp = aprintf("%sAuthorization: Basic %s\r\n",
|
||||
proxy ? "Proxy-" : "",
|
||||
authorization);
|
||||
free(authorization);
|
||||
if(!*userp)
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
if(!*userp) {
|
||||
result = CURLE_OUT_OF_MEMORY;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
return CURLE_OK;
|
||||
fail:
|
||||
free(out);
|
||||
return result;
|
||||
}
|
||||
|
||||
/* pickoneauth() selects the most favourable authentication method from the
|
||||
|
Loading…
Reference in New Issue
Block a user