From af808bc4d90a0d9ff1b3993414ec7cc40f911913 Mon Sep 17 00:00:00 2001
From: van Hauser
Date: Sat, 16 Mar 2019 18:20:08 -0400
Subject: [PATCH] http md5-digest fix
---
 CHANGES | 1 +
 hydra-http.c | 9 +++++----
 2 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/CHANGES b/CHANGES
index d9dce31..edf5588 100644
--- a/CHANGES
+++ b/CHANGES
@@ -5,6 +5,7 @@ Release 8.9-dev
 * your patch? :)
 * Fixed svn module memory leaks
 * Fixed rtsp module potential buffer overflow
+* Fixed http module DIGEST-MD5 mode
 * Added memcached module
diff --git a/hydra-http.c b/hydra-http.c
index db9b500..8b19b28 100644
--- a/hydra-http.c
+++ b/hydra-http.c
@@ -13,7 +13,7 @@ int32_t start_http(int32_t s, char *ip, int32_t port, unsigned char options, cha
 char *login, *pass, *buffer, buffer2[500];
 char *header;
 char *ptr, *fooptr;
- int32_t complete_line = 0;
+ int32_t complete_line = 0, buffer_size;
 char tmpreplybuf[1024] = "", *tmpreplybufptr;
 if (strlen(login = hydra_get_next_login()) == 0)
@@ -26,7 +26,8 @@ int32_t start_http(int32_t s, char *ip, int32_t port, unsigned char options, cha
 header = stringify_headers(&ptr_head);
- if(!(buffer = malloc(strlen(header) + 500))) {
+ buffer_size = strlen(header) + 500;
+ if(!(buffer = malloc(buffer_size))) {
 free(header);
 return 3;
 }
@@ -63,8 +64,8 @@ int32_t start_http(int32_t s, char *ip, int32_t port, unsigned char options, cha
 char *pbuffer;
 pbuffer = hydra_strcasestr(http_buf, "WWW-Authenticate: Digest ");
- strncpy(buffer, pbuffer + strlen("WWW-Authenticate: Digest "), sizeof(buffer));
- buffer[sizeof(buffer) - 1] = '\0';
+ strncpy(buffer, pbuffer + strlen("WWW-Authenticate: Digest "), buffer_size - 1);
+ buffer[buffer_size - 1] = '\0';
 fooptr = buffer2;
 sasl_digest_md5(fooptr, login, pass, buffer, miscptr, type, webtarget, webport, header);
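Review bot: `buffer_size` is declared as `int32_t` in the first hydra-http.c hunk, but it is an allocation size and copy bound, so it should be a `size_t`. The second hunk assigns it `strlen(header) + 500`, which is a `size_t`, and the second and third hunks pass it to `malloc()` and `strncpy()`, so each use converts between signed and unsigned. Declaring it separately as `size_t buffer_size;` removes the narrowing on assignment and keeps `buffer_size - 1` in the type both calls expect. The body of start_http starts and ends outside these hunks, so any further use of the variable is not visible here.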
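Review bot: `pbuffer` is used in the `strncpy()` call of the third hunk with no NULL check visible, while `http_buf` holds the reply sent by the remote server. Unless the enclosing condition (outside the hunk) guarantees that the exact string `"WWW-Authenticate: Digest "`, including its trailing space, is present, `hydra_strcasestr()` presumably returns NULL and the copy would read from an invalid address. A guard `if (pbuffer == NULL)` that leaves through the function's usual error path would make this robust against a malformed or hostile response. As a style point, the copy and the manual terminator could become one call, `snprintf(buffer, buffer_size, "%s", pbuffer + strlen("WWW-Authenticate: Digest "));`, which always terminates the string and does not zero-pad the rest of the buffer.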