diff options
| author | Daniel Stenberg <daniel@haxx.se> | 2013-03-06 13:27:51 +0100 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2013-03-07 11:08:05 +0100 |
| commit | 7f963a19ecbceef5d7e95e677ccc089d04ef987f (patch) | |
| tree | 459db8c1b5d5243e9b5e3ebfd3e8974131d321de /lib/http_digest.c | |
| parent | 9ceee69ff7d6139de759a4f25051e0d661e0c2b0 (diff) | |
| download | curl-7f963a19ecbceef5d7e95e677ccc089d04ef987f.tar.gz | |
checksrc: ban unsafe functions
The list of unsafe functions currently consists of sprintf, vsprintf,
strcat, strncat and gets.
Subsequently, some existing code needed updating to avoid warnings on
this.
Diffstat (limited to 'lib/http_digest.c')
| -rw-r--r-- | lib/http_digest.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/lib/http_digest.c b/lib/http_digest.c index f9f20d487..43513966b 100644 --- a/lib/http_digest.c +++ b/lib/http_digest.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -287,6 +287,7 @@ CURLcode Curl_output_digest(struct connectdata *conn, struct timeval now; char **allocuserpwd; + size_t userlen; const char *userp; const char *passwdp; struct auth *authp; @@ -533,10 +534,11 @@ CURLcode Curl_output_digest(struct connectdata *conn, } /* append CRLF + zero (3 bytes) to the userpwd header */ - tmp = realloc(*allocuserpwd, strlen(*allocuserpwd) + 3); + userlen = strlen(*allocuserpwd); + tmp = realloc(*allocuserpwd, userlen + 3); if(!tmp) return CURLE_OUT_OF_MEMORY; - strcat(tmp, "\r\n"); + strcpy(&tmp[userlen], "\r\n"); /* append the data */ *allocuserpwd = tmp; return CURLE_OK; |