From b6e1853dae209ce1f64087c11afc89a8c3e94a66 Mon Sep 17 00:00:00 2001 From: Jan Sievers Date: Thu, 15 Aug 2013 15:28:14 -0600 Subject: [PATCH] Regression Bug 3077: off-by-one error in Digest header decoding This is a regression in the 3.2 and later version of the original bug fix patch. The effect is that all attributes are treated as quoted-string values with unescaping performed. This ends with credentials wrongly being rejected as invalid. --- src/auth/digest/auth_digest.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/auth/digest/auth_digest.cc b/src/auth/digest/auth_digest.cc index a51ff5b6d1..f9609c842a 100644 --- a/src/auth/digest/auth_digest.cc +++ b/src/auth/digest/auth_digest.cc @@ -816,7 +816,7 @@ Auth::Digest::Config::decode(char const *proxy_auth) vlen = 0; } - StringArea keyName(item, nlen-1); + StringArea keyName(item, nlen); String value; if (vlen > 0) { -- 2.47.2