-
Notifications
You must be signed in to change notification settings - Fork 648
Protect base64 encoding buffers #2447
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: master
Are you sure you want to change the base?
Changes from 11 commits
c402339
2125dc5
3d1055f
1c410dc
f6c053e
ef95154
d7fa149
5044dd7
9c81411
c037cd4
8503055
8dff603
da6bc4a
987250e
eb5e533
8305b74
bc1955f
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -1850,8 +1850,12 @@ httpFixupAuthentication(HttpRequest * request, const HttpHeader * hdr_in, HttpHe | |
| username = request->auth_user_request->username(); | ||
| #endif | ||
|
|
||
| blen = base64_encode_update(&ctx, loginbuf, strlen(username), reinterpret_cast<const uint8_t*>(username)); | ||
| blen += base64_encode_update(&ctx, loginbuf+blen, strlen(request->peer_login +1), reinterpret_cast<const uint8_t*>(request->peer_login +1)); | ||
| const auto usernameLen = strlen(username); | ||
| const auto suffixLen = strlen(request->peer_login + 1); | ||
| if (usernameLen + suffixLen > MAX_LOGIN_SZ) | ||
| throw TextException("peer login credentials too long", Here()); | ||
| blen = base64_encode_update(&ctx, loginbuf, usernameLen, reinterpret_cast<const uint8_t*>(username)); | ||
| blen += base64_encode_update(&ctx, loginbuf+blen, suffixLen, reinterpret_cast<const uint8_t*>(request->peer_login +1)); | ||
| blen += base64_encode_final(&ctx, loginbuf+blen); | ||
| httpHeaderPutStrf(hdr_out, header, "Basic %.*s", (int)blen, loginbuf); | ||
| return; | ||
|
|
@@ -1862,9 +1866,14 @@ httpFixupAuthentication(HttpRequest * request, const HttpHeader * hdr_in, HttpHe | |
| (strcmp(request->peer_login, "PASS") == 0 || | ||
| strcmp(request->peer_login, "PROXYPASS") == 0)) { | ||
|
|
||
| blen = base64_encode_update(&ctx, loginbuf, request->extacl_user.size(), reinterpret_cast<const uint8_t*>(request->extacl_user.rawBuf())); | ||
| const auto userLen = request->extacl_user.size(); | ||
| const auto passwdLen = request->extacl_passwd.size(); | ||
| // +1 for the ':' separator between user and passwd | ||
| if (userLen + 1 + passwdLen > MAX_LOGIN_SZ) | ||
| throw TextException("extacl credentials too long for peer login", Here()); | ||
| blen = base64_encode_update(&ctx, loginbuf, userLen, reinterpret_cast<const uint8_t*>(request->extacl_user.rawBuf())); | ||
| blen += base64_encode_update(&ctx, loginbuf+blen, 1, reinterpret_cast<const uint8_t*>(":")); | ||
| blen += base64_encode_update(&ctx, loginbuf+blen, request->extacl_passwd.size(), reinterpret_cast<const uint8_t*>(request->extacl_passwd.rawBuf())); | ||
| blen += base64_encode_update(&ctx, loginbuf+blen, passwdLen, reinterpret_cast<const uint8_t*>(request->extacl_passwd.rawBuf())); | ||
| blen += base64_encode_final(&ctx, loginbuf+blen); | ||
| httpHeaderPutStrf(hdr_out, header, "Basic %.*s", (int)blen, loginbuf); | ||
| return; | ||
|
|
@@ -1894,7 +1903,10 @@ httpFixupAuthentication(HttpRequest * request, const HttpHeader * hdr_in, HttpHe | |
| } | ||
| #endif /* HAVE_KRB5 && HAVE_GSSAPI */ | ||
|
|
||
| blen = base64_encode_update(&ctx, loginbuf, strlen(request->peer_login), reinterpret_cast<const uint8_t*>(request->peer_login)); | ||
| const auto loginLen = strlen(request->peer_login); | ||
| if (loginLen > MAX_LOGIN_SZ) | ||
| throw TextException("peer_login too long", Here()); | ||
| blen = base64_encode_update(&ctx, loginbuf, loginLen, reinterpret_cast<const uint8_t*>(request->peer_login)); | ||
| blen += base64_encode_final(&ctx, loginbuf+blen); | ||
| httpHeaderPutStrf(hdr_out, header, "Basic %.*s", (int)blen, loginbuf); | ||
|
kinkie marked this conversation as resolved.
|
||
| return; | ||
|
|
@@ -1914,13 +1926,14 @@ HttpStateData::httpBuildRequestHeader(HttpRequest * request, | |
| const Http::StateFlags &flags) | ||
| { | ||
| /* building buffer for complex strings */ | ||
| #define BBUF_SZ (MAX_URL+32) | ||
| constexpr auto BBUF_SZ = MAX_URL + 32; | ||
|
kinkie marked this conversation as resolved.
Outdated
|
||
| LOCAL_ARRAY(char, bbuf, BBUF_SZ); | ||
| LOCAL_ARRAY(char, ntoabuf, MAX_IPSTRLEN); | ||
| const HttpHeader *hdr_in = &request->header; | ||
| const HttpHeaderEntry *e = nullptr; | ||
| HttpHeaderPos pos = HttpHeaderInitPos; | ||
| assert (hdr_out->owner == hoRequest); | ||
| Assure(request->url.userInfo().length() < MAX_URL*2); | ||
|
Contributor
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Please move this assertion much lower, placing it immediately above the Rule of thumb: Assert where the invariant is used.
Contributor
Author
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. done
Contributor
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
Not done (or the changes were not pushed). |
||
|
|
||
| /* use our IMS header if the cached entry has Last-Modified time */ | ||
| if (request->lastmod > -1) | ||
|
|
||
Uh oh!
There was an error while loading. Please reload this page.