mirror of
https://github.com/moparisthebest/curl
synced 2024-12-22 08:08:50 -05:00
ntlm_wb: Fixed buffer size not being large enough for NTLMv2 sessions
Bug: http://curl.haxx.se/mail/lib-2014-07/0103.html Reported-by: David Woodhouse
This commit is contained in:
parent
8a120710cc
commit
aaaf9e50ec
@ -5,7 +5,7 @@
|
|||||||
* | (__| |_| | _ <| |___
|
* | (__| |_| | _ <| |___
|
||||||
* \___|\___/|_| \_\_____|
|
* \___|\___/|_| \_\_____|
|
||||||
*
|
*
|
||||||
* Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
|
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
|
||||||
*
|
*
|
||||||
* This software is licensed as described in the file COPYING, which
|
* This software is licensed as described in the file COPYING, which
|
||||||
* you should have received as part of this distribution. The terms
|
* you should have received as part of this distribution. The terms
|
||||||
@ -43,6 +43,7 @@
|
|||||||
#include "urldata.h"
|
#include "urldata.h"
|
||||||
#include "sendf.h"
|
#include "sendf.h"
|
||||||
#include "select.h"
|
#include "select.h"
|
||||||
|
#include "curl_ntlm_msgs.h"
|
||||||
#include "curl_ntlm_wb.h"
|
#include "curl_ntlm_wb.h"
|
||||||
#include "url.h"
|
#include "url.h"
|
||||||
#include "strerror.h"
|
#include "strerror.h"
|
||||||
@ -227,9 +228,10 @@ static CURLcode ntlm_wb_response(struct connectdata *conn,
|
|||||||
const char *input, curlntlm state)
|
const char *input, curlntlm state)
|
||||||
{
|
{
|
||||||
ssize_t size;
|
ssize_t size;
|
||||||
char buf[200]; /* enough, type 1, 3 message length is less then 200 */
|
char buf[NTLM_BUFSIZE];
|
||||||
char *tmpbuf = buf;
|
char *tmpbuf = buf;
|
||||||
size_t len_in = strlen(input), len_out = sizeof(buf);
|
size_t len_in = strlen(input);
|
||||||
|
size_t len_out = sizeof(buf);
|
||||||
|
|
||||||
while(len_in > 0) {
|
while(len_in > 0) {
|
||||||
ssize_t written = swrite(conn->ntlm_auth_hlpr_socket, input, len_in);
|
ssize_t written = swrite(conn->ntlm_auth_hlpr_socket, input, len_in);
|
||||||
|
Loading…
Reference in New Issue
Block a user