]> git.ipfire.org Git - thirdparty/apache/httpd.git/commitdiff
projects / thirdparty / apache / httpd.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 5982477)
htpasswd: don't point to (unused) stack memory on output
authorYann Ylavic <ylavic@apache.org>
Fri, 3 Feb 2017 08:51:49 +0000 (08:51 +0000)
committerYann Ylavic <ylavic@apache.org>
Fri, 3 Feb 2017 08:51:49 +0000 (08:51 +0000)
to make static analysers happy.  PR 60634.

Reported by shqking and Zhenwei Zou.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1781509 13f79535-47bb-0310-9956-ffa450edef68

support/htpasswd.c patch | blob | blame | history

diff --git a/support/htpasswd.c b/support/htpasswd.c
index 11023499a478741a7e82f26ecebcaa3e21491433..e627f8b9bff10af7a615eba7a61d389efd1feb1d 100644 (file)
--- a/support/htpasswd.c
+++ b/support/htpasswd.c
@@ -75,15 +75,20 @@ static int mkrecord(struct passwd_ctx *ctx, char *user)
 {
     char hash_str[MAX_STRING_LEN];
     int ret;
+
     ctx->out = hash_str;
     ctx->out_len = sizeof(hash_str);
 
     ret = mkhash(ctx);
-    if (ret)
+    if (ret) {
+        ctx->out = NULL;
+        ctx->out_len = 0;
         return ret;
+    }
 
     ctx->out = apr_pstrcat(ctx->pool, user, ":", hash_str, NL, NULL);
-    if (strlen(ctx->out) >= MAX_STRING_LEN) {
+    ctx->out_len = strlen(ctx->out);
+    if (ctx->out_len >= MAX_STRING_LEN) {
         ctx->errstr = "resultant record too long";
         return ERR_OVERFLOW;
     }
Mirror of https://github.com/apache/httpd.git