diff options
| author | Brad King <brad.king@kitware.com> | 2022-10-31 20:11:41 (GMT) |
|---|---|---|
| committer | Brad King <brad.king@kitware.com> | 2022-10-31 20:11:41 (GMT) |
| commit | 9ffe6b0969fc270cc2a1aac2b2c1bf986af291d5 (patch) | |
| tree | 75711965f7fd24679383853a840f42efff676e31 /Utilities/cmcurl/lib/krb5.c | |
| parent | fa9bbb8627e8af5153367721eb037b6e094670d1 (diff) | |
| parent | ec122fff08ab9a8e56fb90126ecedb99c759011b (diff) | |
| download | CMake-9ffe6b0969fc270cc2a1aac2b2c1bf986af291d5.zip CMake-9ffe6b0969fc270cc2a1aac2b2c1bf986af291d5.tar.gz CMake-9ffe6b0969fc270cc2a1aac2b2c1bf986af291d5.tar.bz2 | |
Merge branch 'upstream-curl' into update-curl
* upstream-curl:
curl 2022-10-26 (cd95ee9f)
Diffstat (limited to 'Utilities/cmcurl/lib/krb5.c')
| -rw-r--r-- | Utilities/cmcurl/lib/krb5.c | 20 |
1 files changed, 13 insertions, 7 deletions
diff --git a/Utilities/cmcurl/lib/krb5.c b/Utilities/cmcurl/lib/krb5.c index dee94c9..1c993c1 100644 --- a/Utilities/cmcurl/lib/krb5.c +++ b/Utilities/cmcurl/lib/krb5.c @@ -5,6 +5,8 @@ * Copyright (c) 2004 - 2022 Daniel Stenberg * All rights reserved. * + * SPDX-License-Identifier: BSD-3-Clause + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -140,11 +142,8 @@ krb5_decode(void *app_data, void *buf, int len, enc.value = buf; enc.length = len; maj = gss_unwrap(&min, *context, &enc, &dec, NULL, NULL); - if(maj != GSS_S_COMPLETE) { - if(len >= 4) - strcpy(buf, "599 "); + if(maj != GSS_S_COMPLETE) return -1; - } memcpy(buf, dec.value, dec.length); len = curlx_uztosi(dec.length); @@ -506,6 +505,7 @@ static CURLcode read_data(struct connectdata *conn, { int len; CURLcode result; + int nread; result = socket_read(fd, &len, sizeof(len)); if(result) @@ -514,7 +514,10 @@ static CURLcode read_data(struct connectdata *conn, if(len) { /* only realloc if there was a length */ len = ntohl(len); - buf->data = Curl_saferealloc(buf->data, len); + if(len > CURL_MAX_INPUT_LENGTH) + len = 0; + else + buf->data = Curl_saferealloc(buf->data, len); } if(!len || !buf->data) return CURLE_OUT_OF_MEMORY; @@ -522,8 +525,11 @@ static CURLcode read_data(struct connectdata *conn, result = socket_read(fd, buf->data, len); if(result) return result; - buf->size = conn->mech->decode(conn->app_data, buf->data, len, - conn->data_prot, conn); + nread = conn->mech->decode(conn->app_data, buf->data, len, + conn->data_prot, conn); + if(nread < 0) + return CURLE_RECV_ERROR; + buf->size = (size_t)nread; buf->index = 0; return CURLE_OK; } |