moparisthebest
/
pacman
mirror of https://github.com/moparisthebest/pacman
1
0
Fork 0
Code Issues Releases Wiki Activity

dload: remove user:pass@ definition from hostname 

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
This commit is contained in:
Dave Reisner 2011-09-11 15:27:57 -04:00 committed by Dan McGee
parent 7ad78c2c88
commit 223a92ca9d
1 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
lib/libalpm/dload.c
View File

@ -123,7 +123,7 @@ static int curl_progress(void *file, double dltotal, double dlnow,
static int curl_gethost(const char *url, char *buffer)
{
size_t hostlen;
char *p;
char *p, *q;
if(strncmp(url, "file://", 7) == 0) {
strcpy(buffer, _("disk"));
@ -134,6 +134,14 @@ static int curl_gethost(const char *url, char *buffer)
}
p += 2; /* jump over the found // */
hostlen = strcspn(p, "/");
/* there might be a user:pass@ on the URL. hide it. */
q = memrchr(p, '@', hostlen);
if(q) {
hostlen -= q - p + 1;
p = q + 1;
}
if(hostlen > 255) {
/* buffer overflow imminent */
return 1;