espressif/esp-idf
1
0
Fork 1
mirror of https://github.com/espressif/esp-idf.git synced 2025-07-31 11:17:20 +02:00
Code Issues Packages Projects Releases Wiki Activity

http_auth.c: Fix crash when opaque field is not present in challenge string

Browse Source 
Closes: https://github.com/espressif/esp-idf/issues/5888
This commit is contained in:
Shubham Kulkarni
2020-10-01 14:32:50 +05:30
parent 83f4ebf852
commit aceb38c326
1 changed files with 8 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
components/esp_http_client/lib/http_auth.c
View File

@@ -72,6 +72,7 @@ char *http_auth_digest(const char *username, const char *password, esp_http_auth
char *ha1, *ha2 = NULL; char *ha1, *ha2 = NULL;
char *digest = NULL; char *digest = NULL;
char *auth_str = NULL; char *auth_str = NULL;
char *temp_auth_str = NULL;
if (username == NULL || if (username == NULL ||
password == NULL || password == NULL ||
@@ -123,8 +124,13 @@ char *http_auth_digest(const char *username, const char *password, esp_http_auth
} }
} }
asprintf(&auth_str, "Digest username=\"%s\", realm=\"%s\", nonce=\"%s\", uri=\"%s\", algorithm=\"MD5\", " asprintf(&auth_str, "Digest username=\"%s\", realm=\"%s\", nonce=\"%s\", uri=\"%s\", algorithm=\"MD5\", "
"response=\"%s\", opaque=\"%s\", qop=%s, nc=%08x, cnonce=\"%016llx\"", "response=\"%s\", qop=%s, nc=%08x, cnonce=\"%016llx\"",
username, auth_data->realm, auth_data->nonce, auth_data->uri, digest, auth_data->opaque, auth_data->qop, auth_data->nc, auth_data->cnonce); username, auth_data->realm, auth_data->nonce, auth_data->uri, digest, auth_data->qop, auth_data->nc, auth_data->cnonce);
if (auth_data->opaque) {
asprintf(&temp_auth_str, "%s, opaque=\"%s\"", auth_str, auth_data->opaque);
free(auth_str);
auth_str = temp_auth_str;
}
_digest_exit: _digest_exit:
free(ha1); free(ha1);
free(ha2); free(ha2);