[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[libmicrohttpd] 06/09: check_nonce_nc(): moved 'nc' overflow check out o
From: |
gnunet |
Subject: |
[libmicrohttpd] 06/09: check_nonce_nc(): moved 'nc' overflow check out of mutex lock |
Date: |
Sun, 01 May 2022 16:08:52 +0200 |
This is an automated email from the git hooks/post-receive script.
karlson2k pushed a commit to branch master
in repository libmicrohttpd.
commit 8457dfc7b6a643802accba03c09a7602922a63f1
Author: Evgeny Grin (Karlson2k) <k2k@narod.ru>
AuthorDate: Sun May 1 16:12:22 2022 +0300
check_nonce_nc(): moved 'nc' overflow check out of mutex lock
---
src/microhttpd/digestauth.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c
index d4c0f247..97f614a8 100644
--- a/src/microhttpd/digestauth.c
+++ b/src/microhttpd/digestauth.c
@@ -599,7 +599,10 @@ check_nonce_nc (struct MHD_Connection *connection,
happen in the future... */
mod = daemon->nonce_nc_size;
if (0 == mod)
- return false; /* no array! */
+ return false; /* no array! */
+ if (nc + 64 < nc)
+ return false; /* Overflow, unrealistically high value */
+
/* HT lookup in nonce array */
off = fast_simple_hash ((const uint8_t *) nonce, noncelen) % mod;
/*
@@ -619,7 +622,6 @@ check_nonce_nc (struct MHD_Connection *connection,
/* Note that we use 64 here, as we do not store the
bit for 'nn->nc' itself in 'nn->nmask' */
else if ( (nc < nn->nc) &&
- (nc + 64 > nc /* checking for overflow */) &&
(nc + 64 >= nn->nc) &&
(0 == ((1LLU << (nn->nc - nc - 1)) & nn->nmask)) )
{
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
- [libmicrohttpd] branch master updated (06336118 -> 76b68f65), gnunet, 2022/05/01
- [libmicrohttpd] 04/09: check_nonce_nc(): simplified, gnunet, 2022/05/01
- [libmicrohttpd] 01/09: microhttpd.h: fixed list of required types, gnunet, 2022/05/01
- [libmicrohttpd] 02/09: digestauth: when checking 'nc' reuse always check nonce match first, gnunet, 2022/05/01
- [libmicrohttpd] 03/09: struct MHD_NonceNc: improved doxy, gnunet, 2022/05/01
- [libmicrohttpd] 07/09: check_nonce_nc(): fixed missing set of the bit for the old 'nc' value, gnunet, 2022/05/01
- [libmicrohttpd] 06/09: check_nonce_nc(): moved 'nc' overflow check out of mutex lock,
gnunet <=
- [libmicrohttpd] 05/09: check_nonce_nc(): improved readability, fixed comments, gnunet, 2022/05/01
- [libmicrohttpd] 09/09: check_nonce_nc(): sorted checks according to probability, gnunet, 2022/05/01
- [libmicrohttpd] 08/09: check_nonce_nc(): additionally improved readability, fixed comments, gnunet, 2022/05/01