From 310068c9ca54b86b937dc07c59c5b7a129ed06d7 Mon Sep 17 00:00:00 2001
From: Coen Tempelaars <coen.tempelaars@gmail.com>
Date: Fri, 7 Jul 2023 20:55:04 +0200
Subject: [PATCH] fix replacement of user/pass placeholders in http header

---
 hydra-http-form.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/hydra-http-form.c b/hydra-http-form.c
index 3707b2f..9e3c92b 100644
--- a/hydra-http-form.c
+++ b/hydra-http-form.c
@@ -314,9 +314,15 @@ void hdrrep(ptr_header_node *ptr_head, char *oldvalue, char *newvalue) {
 
   for (cur_ptr = *ptr_head; cur_ptr; cur_ptr = cur_ptr->next) {
     if ((cur_ptr->type == HEADER_TYPE_USERHEADER || cur_ptr->type == HEADER_TYPE_USERHEADER_REPL) && strstr(cur_ptr->value, oldvalue)) {
-      cur_ptr->value = (char *)realloc(cur_ptr->value, strlen(newvalue) + 1);
-      if (cur_ptr->value)
-        strcpy(cur_ptr->value, newvalue);
+      size_t oldlen = strlen(oldvalue);
+      size_t newlen = strlen(newvalue);
+      if (oldlen != newlen)
+        cur_ptr->value = (char *)realloc(cur_ptr->value, strlen(cur_ptr->value) - oldlen + newlen + 1);
+      if (cur_ptr->value) {
+        char *p = strstr(cur_ptr->value, oldvalue);
+        memmove(p + newlen, p + oldlen, strlen(p + oldlen) + 1);
+        memcpy(p, newvalue, newlen);
+      }
       else {
         hydra_report(stderr, "[ERROR] Out of memory (hddrep).\n");
         hydra_child_exit(0);