summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2020-09-11 11:20:07 +0200
committerDaniel Stenberg <daniel@haxx.se>2020-09-14 12:33:53 +0200
commita1679498481de5b83532042d1b5bbd269b277a82 (patch)
treef9b9a49f26fee75b16bdb4349c82317803220692
parent70a3b003d964abad49635ba00b111b84a6c52afd (diff)
downloadcurl-a1679498481de5b83532042d1b5bbd269b277a82.tar.gz
curl: make checkpasswd use dynbuf
Closes #5952
-rw-r--r--src/tool_paramhlp.c23
1 files changed, 8 insertions, 15 deletions
diff --git a/src/tool_paramhlp.c b/src/tool_paramhlp.c
index 84d7321bf..03cd44fee 100644
--- a/src/tool_paramhlp.c
+++ b/src/tool_paramhlp.c
@@ -413,6 +413,7 @@ ParameterError str2offset(curl_off_t *val, const char *str)
return PARAM_BAD_NUMERIC;
}
+#define MAX_USERPWDLENGTH (100*1024)
static CURLcode checkpasswd(const char *kind, /* for what purpose */
const size_t i, /* operation index */
const bool last, /* TRUE if last operation */
@@ -432,12 +433,11 @@ static CURLcode checkpasswd(const char *kind, /* for what purpose */
if(!psep && **userpwd != ';') {
/* no password present, prompt for one */
- char passwd[256] = "";
+ char passwd[2048] = "";
char prompt[256];
- size_t passwdlen;
- size_t userlen = strlen(*userpwd);
- char *passptr;
+ struct curlx_dynbuf dyn;
+ curlx_dyn_init(&dyn, MAX_USERPWDLENGTH);
if(osep)
*osep = '\0';
@@ -453,22 +453,15 @@ static CURLcode checkpasswd(const char *kind, /* for what purpose */
/* get password */
getpass_r(prompt, passwd, sizeof(passwd));
- passwdlen = strlen(passwd);
-
if(osep)
*osep = ';';
- /* extend the allocated memory area to fit the password too */
- passptr = realloc(*userpwd,
- passwdlen + 1 + /* an extra for the colon */
- userlen + 1); /* an extra for the zero */
- if(!passptr)
+ if(curlx_dyn_addf(&dyn, "%s:%s", *userpwd, passwd))
return CURLE_OUT_OF_MEMORY;
- /* append the password separated with a colon */
- passptr[userlen] = ':';
- memcpy(&passptr[userlen + 1], passwd, passwdlen + 1);
- *userpwd = passptr;
+ /* return the new string */
+ free(*userpwd);
+ *userpwd = curlx_dyn_ptr(&dyn);
}
return CURLE_OK;