htpasswd: report the right limit when get_password() overflows.

author Yann Ylavic <ylavic@apache.org>

Fri, 3 Feb 2017 09:11:03 +0000 (09:11 +0000)

committer Yann Ylavic <ylavic@apache.org>

Fri, 3 Feb 2017 09:11:03 +0000 (09:11 +0000)
author Yann Ylavic <ylavic@apache.org>
Fri, 3 Feb 2017 09:11:03 +0000 (09:11 +0000)
committer Yann Ylavic <ylavic@apache.org>
Fri, 3 Feb 2017 09:11:03 +0000 (09:11 +0000)
diff --git a/support/passwd_common.c b/support/passwd_common.c

index 113236c39928492787dc7dffacc554dd887edeb4..664e509b9568ca6cdabff5ada74286239c3201f6 100644 (file)
--- a/support/passwd_common.c
+++ b/support/passwd_common.c
@@ -168,7 +168,7 @@ int get_password(struct passwd_ctx *ctx)
  err_too_long:
      ctx->errstr = apr_psprintf(ctx->pool,
                                 "password too long (>%" APR_SIZE_T_FMT ")",
-                               ctx->out_len - 1);
+                               sizeof(buf) - 1);
      return ERR_OVERFLOW;
  }
author	Yann Ylavic <ylavic@apache.org>
	Fri, 3 Feb 2017 09:11:03 +0000 (09:11 +0000)
committer	Yann Ylavic <ylavic@apache.org>
	Fri, 3 Feb 2017 09:11:03 +0000 (09:11 +0000)