From: André Malo Date: Thu, 31 Jul 2003 20:30:26 +0000 (+0000) Subject: reject overlong credentials from command line X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=88b954ef935ab8de3099f82b17b06ddd6ddd6b0b;p=thirdparty%2Fapache%2Fhttpd.git reject overlong credentials from command line Reviewed by: Justin Erenkrantz, Jeff Trawick git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@100881 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/src/CHANGES b/src/CHANGES index 47700677c46..345c3a1c405 100644 --- a/src/CHANGES +++ b/src/CHANGES @@ -1,5 +1,8 @@ Changes with Apache 1.3.29 + *) ab: Overlong credentials given via command line no longer clobber + the buffer. [André Malo] + *) Fix ProxyPass for ftp requests - the original code was segfaulting since many of the values were not being filled out in the request_rec. [Tollef Fog Heen apache-1.3"); + printf("This is ApacheBench, Version %s\n", VERSION " <$Revision: 1.70 $> apache-1.3"); printf("Copyright (c) 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/\n"); printf("Copyright (c) 1998-2002 The Apache Software Foundation, http://www.apache.org/\n"); printf("\n"); } else { printf("

\n"); - printf(" This is ApacheBench, Version %s <%s> apache-1.3
\n", VERSION, "$Revision: 1.69 $"); + printf(" This is ApacheBench, Version %s <%s> apache-1.3
\n", VERSION, "$Revision: 1.70 $"); printf(" Copyright (c) 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
\n"); printf(" Copyright (c) 1998-2002 The Apache Software Foundation, http://www.apache.org/
\n"); printf("

\n

\n"); @@ -1593,7 +1593,12 @@ int main(int argc, char **argv) */ while (isspace((int)*optarg)) optarg++; - l = ap_base64encode(tmp, optarg, strlen(optarg)); + if (ap_base64encode_len(strlen(optarg)) > sizeof(tmp)) { + fprintf(stderr, "%s: Authentication credentials too long\n", + argv[0]); + exit(1); + } + l = ap_base64encode(tmp, optarg, strlen(optarg)); tmp[l] = '\0'; strncat(auth, "Authorization: Basic ", sizeof(auth)-strlen(auth)-1); @@ -1606,6 +1611,10 @@ int main(int argc, char **argv) */ while (isspace((int)*optarg)) optarg++; + if (ap_base64encode_len(strlen(optarg)) > sizeof(tmp)) { + fprintf(stderr, "%s: Proxy credentials too long\n", argv[0]); + exit(1); + } l = ap_base64encode(tmp, optarg, strlen(optarg)); tmp[l] = '\0';
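Review bot: The length guard added in the authentication-credentials hunk (-1593) compares with `>`, so an input whose `ap_base64encode_len()` result equals `sizeof(tmp)` is still accepted, and the unchanged `tmp[l] = '\0';` after the encode call may then write one byte past `tmp`. This holds only if `ap_base64encode()` returns a count that includes the terminator, the way `ap_base64encode_len()` is understood to; neither definition is visible in this diff, so confirm it before relying on the guard. If it does, tighten the test to `if (ap_base64encode_len(strlen(optarg)) >= sizeof(tmp)) {` or drop the redundant store, and apply the same change to the proxy-credentials hunk (-1606), which repeats the pattern. Both hunks sit inside `main()`, whose body and the declaration of `tmp` lie outside the diff, so the buffer size itself could not be checked here.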