curl: make checkpasswd use dynbuf

Closes #5952
2024-11-16 22:45:03 -05:00 · 2020-09-11 11:20:07 +02:00 · 2020-09-11 11:20:07 +02:00 · a167949848
commit a167949848
parent 70a3b003d9
1 changed files with 8 additions and 15 deletions
--- a/src/tool_paramhlp.c
+++ b/src/tool_paramhlp.c
@ -413,6 +413,7 @@ ParameterError str2offset(curl_off_t *val, const char *str)
  return PARAM_BAD_NUMERIC;
 }
 #define MAX_USERPWDLENGTH (100*1024)
 static CURLcode checkpasswd(const char *kind, /* for what purpose */
                            const size_t i,   /* operation index */
                            const bool last,  /* TRUE if last operation */
@ -432,12 +433,11 @@ static CURLcode checkpasswd(const char *kind, /* for what purpose */
  if(!psep && **userpwd != ';') {
    /* no password present, prompt for one */
-    char passwd[256] = "";
+    char passwd[2048] = "";
    char prompt[256];
-    size_t passwdlen;
+    struct curlx_dynbuf dyn;
    size_t userlen = strlen(*userpwd);
    char *passptr;
    curlx_dyn_init(&dyn, MAX_USERPWDLENGTH);
    if(osep)
      *osep = '\0';
@ -453,22 +453,15 @@ static CURLcode checkpasswd(const char *kind, /* for what purpose */
    /* get password */
    getpass_r(prompt, passwd, sizeof(passwd));
    passwdlen = strlen(passwd);
    if(osep)
      *osep = ';';
-    /* extend the allocated memory area to fit the password too */
+    if(curlx_dyn_addf(&dyn, "%s:%s", *userpwd, passwd))
    passptr = realloc(*userpwd,
                      passwdlen + 1 + /* an extra for the colon */
                      userlen + 1);   /* an extra for the zero */
    if(!passptr)
      return CURLE_OUT_OF_MEMORY;
-    /* append the password separated with a colon */
+    /* return the new string */
-    passptr[userlen] = ':';
+    free(*userpwd);
-    memcpy(&passptr[userlen + 1], passwd, passwdlen + 1);
+    *userpwd = curlx_dyn_ptr(&dyn);
    *userpwd = passptr;
  }
  return CURLE_OK;