[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[libmicrohttpd] 01/13: digestauth: simplified overflow check
From: |
gnunet |
Subject: |
[libmicrohttpd] 01/13: digestauth: simplified overflow check |
Date: |
Mon, 16 May 2022 20:14:50 +0200 |
This is an automated email from the git hooks/post-receive script.
karlson2k pushed a commit to branch master
in repository libmicrohttpd.
commit 393c5a451cab99ef5fdb9487434e4ecfb7864b1f
Author: Evgeny Grin (Karlson2k) <k2k@narod.ru>
AuthorDate: Mon May 16 15:12:08 2022 +0300
digestauth: simplified overflow check
---
src/microhttpd/digestauth.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c
index 26f972b8..cda8b478 100644
--- a/src/microhttpd/digestauth.c
+++ b/src/microhttpd/digestauth.c
@@ -671,7 +671,7 @@ check_nonce_nc (struct MHD_Connection *connection,
mod = daemon->nonce_nc_size;
if (0 == mod)
return MHD_DAUTH_NONCENC_STALE; /* no array! */
- if (nc + 64 < nc)
+ if (nc >= UINT64_MAX - 64)
return MHD_DAUTH_NONCENC_STALE; /* Overflow, unrealistically high value */
nn = &daemon->nnc[get_nonce_nc_idx (mod, nonce, noncelen)];
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
- [libmicrohttpd] branch master updated (6c3d5864 -> 129e28d3), gnunet, 2022/05/16
- [libmicrohttpd] 01/13: digestauth: simplified overflow check,
gnunet <=
- [libmicrohttpd] 03/13: configure: use correct quoting in OS detection part, gnunet, 2022/05/16
- [libmicrohttpd] 02/13: configure: additional warning flags, gnunet, 2022/05/16
- [libmicrohttpd] 06/13: internal.h: fixed incorrect use of enum value as preprocessor value, gnunet, 2022/05/16
- [libmicrohttpd] 04/13: configure: use standard Linux settings for Linux on ARM, gnunet, 2022/05/16
- [libmicrohttpd] 08/13: Added missing in 'switch' enum values (no functional change), gnunet, 2022/05/16
- [libmicrohttpd] 11/13: MHD_connection_update_event_loop_info(): more complete TLS states handling, gnunet, 2022/05/16
- [libmicrohttpd] 05/13: Use '#ifdef PARAM' instead of '#if PARAM' for configuration options, gnunet, 2022/05/16
- [libmicrohttpd] 09/13: daemon options: added missing HTTPS-related options error reports for non-HTTPS builds, gnunet, 2022/05/16
- [libmicrohttpd] 13/13: mhd_panic: minor macro improvement, gnunet, 2022/05/16
- [libmicrohttpd] 07/13: Fixed uninitialized value used in assert, gnunet, 2022/05/16