You are viewing a plain text version of this content. The canonical link for it is here.

Posted to cvs@httpd.apache.org by jo...@apache.org on 2004/08/28 14:19:56 UTC

cvs commit: apache-1.3/src/modules/standard mod_digest.c

jorton      2004/08/28 05:19:56

  Modified:    src/modules/standard mod_digest.c
  Log:
  * modules/standard/mod_digest.c (check_nonce): Fix length check.
  
  Revision  Changes    Path
  1.56      +1 -1      apache-1.3/src/modules/standard/mod_digest.c
  
  Index: mod_digest.c
  ===================================================================
  RCS file: /home/cvs/apache-1.3/src/modules/standard/mod_digest.c,v
  retrieving revision 1.55
  retrieving revision 1.56
  diff -d -w -u -r1.55 -r1.56
  --- mod_digest.c	15 Apr 2004 15:51:52 -0000	1.55
  +++ mod_digest.c	28 Aug 2004 12:19:56 -0000	1.56
  @@ -280,7 +280,7 @@
       char *timestamp = (char *)nonce + 2 * MD5_DIGESTSIZE;
       char *md5;
   
  -    if (strlen(nonce) < MD5_DIGESTSIZE)
  +    if (strlen(nonce) < 2 * MD5_DIGESTSIZE)
          return AUTH_REQUIRED;
   
       md5 = ap_md5(p, (unsigned char *)ap_pstrcat(p, prefix, timestamp, NULL));