Merge branch 'master' of https://github.com/vanhauser-thc/thc-hydra

CHANGES

@@ -5,6 +5,7 @@ Release 8.9-dev
 * your patch? :)
 * Fixed svn module memory leaks
 * Fixed rtsp module potential buffer overflow
+* Fixed http module DIGEST-MD5 mode
 * Added memcached module
 * Added mongodb module
 

hydra-http.c

@@ -13,7 +13,7 @@ int32_t start_http(int32_t s, char *ip, int32_t port, unsigned char options, cha
   char *login, *pass, *buffer, buffer2[500];
   char *header;
   char *ptr, *fooptr;
-  int32_t complete_line = 0;
+  int32_t complete_line = 0, buffer_size;
   char tmpreplybuf[1024] = "", *tmpreplybufptr;
 
   if (strlen(login = hydra_get_next_login()) == 0)
@@ -26,7 +26,8 @@ int32_t start_http(int32_t s, char *ip, int32_t port, unsigned char options, cha
 
   header = stringify_headers(&ptr_head);
 
-  if(!(buffer = malloc(strlen(header) + 500))) {
+  buffer_size = strlen(header) + 500;
+  if(!(buffer = malloc(buffer_size))) {
     free(header);
     return 3;
   }
@@ -63,8 +64,8 @@ int32_t start_http(int32_t s, char *ip, int32_t port, unsigned char options, cha
       char *pbuffer;
 
       pbuffer = hydra_strcasestr(http_buf, "WWW-Authenticate: Digest ");
-      strncpy(buffer, pbuffer + strlen("WWW-Authenticate: Digest "), sizeof(buffer));
+      strncpy(buffer, pbuffer + strlen("WWW-Authenticate: Digest "), buffer_size - 1);
-      buffer[sizeof(buffer) - 1] = '\0';
+      buffer[buffer_size - 1] = '\0';
 
       fooptr = buffer2;
       sasl_digest_md5(fooptr, login, pass, buffer, miscptr, type, webtarget, webport, header);

hydra.c

@@ -4009,8 +4009,8 @@ int main(int argc, char *argv[]) {
 
   error += j;
   k = 0;
-  for (j = 0; j < hydra_options.max_use; j++)
+  for (i = 0; i < hydra_options.max_use; i++)
-    if (hydra_heads[j]->active == HEAD_ACTIVE)
+    if (hydra_heads[i]->active == HEAD_ACTIVE)
       k++;
 
   if (error == 0 && k == 0) {